Re: BGP filter

From: Matt Wagner (miguknom@xxxxxxxxxxx)
Date: Fri Aug 17 2001 - 13:26:50 GMT-3

• Next message: George Louis: "Re: 1000 CcIE's every 6 month's"
• Previous message: Padhu (LFG): "RE: Re: ospf over frame relay"
• Maybe in reply to: Fear, Russell H: "BGP filter"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Actually, permitting "host <network> host <subnet mask>" works for what
Russel is trying to do. With BGP it has a different implementation than
what you are used to seeing (source --> destination). It means "match this
network and this mask length". What Russel is trying to do is to accomplish
the "aggregate-address/summary-only" functionality by using an extended
access-list. It has the same effect, but with arguably greater control.
The downside is that advertisements with longer netmasks won't show up as
"s" for suppressed in the BGP table...

Matt

----Original Message Follows----
From: Jason Gardiner <gardiner@sprint.net>
Reply-To: Jason Gardiner <gardiner@sprint.net>
To: "Fear, Russell H" <Russell.Fear@capgemini.co.uk>
CC: "'ccielab@groupstudy.com'" <ccielab@groupstudy.com>
Subject: Re: BGP filter
Date: Fri, 17 Aug 2001 09:35:20 -0400

Okay,

First off, is there an international version of IOS? I've never seen
"neighbour" but rather "neighbor" :)

I've never setup a dist list with an extended access-list , but it
appears that you are permitting from 194.201.48.0 with a mask of
255.255.255.255 to host 255.255.252.0 with a mask of 255.255.255.255.

Try this:

access-list 103 permit ip 194.201.48.0 0.0.3.255 any

"Fear, Russell H" wrote:
>
> Can someone in the group tell me where I'm going wrong here ?
>
> I have networks 194.201.48.0/24 - 194.201.51.0/24 plus the aggregate of
> 194.201.48.0/22 being advertised by a BGP speaker. I am trying various
kinds
> of filters and the one I cannot get to work is the following.
>
> neighbour 172.168.16.1 distribute-list 103 out
>
> access-list 103 permit ip host 194.201.48.0 host 255.255.252.0
>
> The aggregate does not even reach the BGP table in the second router.I've
> checked the syntax and I think that this should let the aggregate only
> through.
>
> Any obvious mistakes ?
>
> Russell
>
>
*******************************************************************************
*************
> " This message contains information that may be privileged or
confidential and
> is the property of the Cap Gemini Ernst & Young Group. It is intended
only for
> the person to whom it is addressed. If you are not the intended
recipient, you
> are not authorized to read, print, retain, copy, disseminate, distribute,
or use
> this message or any part thereof. If you receive this message in error,
please
> notify the sender immediately and delete all copies of this message ".
>
*******************************************************************************
*************
> **Please read:http://www.groupstudy.com/list/posting.html

--
Thanks,
Jason Gardiner
Supervisor, Engineering Services
Sprint E|Solutions
"You can swim all day in the Sea of Knowledge and
still come out completely dry.  Most people do."
- Norton Juster
**Please read:http://www.groupstudy.com/list/posting.html

• Next message: George Louis: "Re: 1000 CcIE's every 6 month's"
• Previous message: Padhu (LFG): "RE: Re: ospf over frame relay"
• Maybe in reply to: Fear, Russell H: "BGP filter"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:52 GMT-3