From: Rajeev Siddappa (raj_lab@xxxxxxxxx)
Date: Sun Dec 30 2001 - 19:19:49 GMT-3
Hey Mick,
Here is the Bug ID and description.
CSCdu47997
A Cisco Router may experience a Border Gateway
Protocol (BGP) filter list that may fail to deny all
the prefixes that are received from a peer that has a
matching as-path attribute on the regular expression.
This condition only occurs only when as-path filter
lists and route-maps are used for inbound filtering
for the same BGP peer.
Workaround: Do not configure an as-path access list to
be applied to the BGP neighbor using the neighbor
{ip-address | peer-group-name} filter-list
access-list-number {in | out} command.
--- Michael Popovich <m.popovich@home.com> wrote:
> Upgraded R3 to 12.1.11 code and it works just fine.
> Didn't change any
> configurations. Must be in issue with route-maps and
> BGP in 12.1(1).
>
> MP
> ----- Original Message -----
> From: "Michael Popovich" <m.popovich@home.com>
> To: "CCIE GROUPSTUDY" <ccielab@groupstudy.com>
> Sent: Sunday, December 30, 2001 1:53 PM
> Subject: BGP Route-Map Issue Revised
>
>
> > I have made some changes to the BGP
> configurations, mainly on R1, which
> are
> > reflected below. I still get the network
> 190.1.0.0/16 denied by route-map
> > problem on R3 but not R2.
> >
> > Rundown again: R1-the only router in AS300
> connected to R2 and R3 by a
> serial
> > connection. R2 and R3 are in AS200 advertising the
> /30 networks between
> > themselves and R1. R1 has loopback 0 address of
> 190.1.1.1/16 being
> advertised
> > in BGP as 190.1.0.0/16. R2 route-map AS300 adjusts
> the weight to 450 for
> > routes advertised by AS300. Same route-map on R3.
> R2 works but on R3 it
> gets
> > denied by route-map.
> >
> > Configs:
> >
> > R1
> >
> > router bgp 300
> > bgp router-id 190.1.1.1
> > bgp log-neighbor-changes
> > network 190.1.0.0
> > neighbor AS200 peer-group
> > neighbor AS200 remote-as 200
> > neighbor 210.10.10.2 peer-group AS200
> > neighbor 210.10.10.2 update-source Serial0/0
> > neighbor 210.10.10.6 peer-group AS200
> > neighbor 210.10.10.6 update-source Serial0/1
> >
> > R2
> >
> > router bgp 200
> > bgp router-id 190.19.15.51
> > bgp log-neighbor-changes
> > redistribute eigrp 100 route-map localnet
> > neighbor internal peer-group
> > neighbor internal remote-as 200
> > neighbor internal update-source Loopback0
> > neighbor internal send-community
> > neighbor AS300 peer-group
> > neighbor AS300 remote-as 300
> > neighbor AS300 update-source Serial0/1
> > neighbor AS300 route-map AS300 in
> > neighbor 190.19.15.81 peer-group internal
> > neighbor 210.10.10.5 peer-group AS300
> > no auto-summary
> > !
> > ip classless
> > ip http server
> > ip as-path access-list 1 permit ^300$
> > !
> > route-map setcommunity permit 10
> > set community no-export
> > !
> > route-map localnet permit 10
> > match route-type internal
> > !
> > route-map AS300 permit 10
> > match as-path 1
> > set weight 450
> >
> > R3
> >
> > router bgp 200
> > bgp router-id 190.19.15.97
> > redistribute eigrp 100 route-map localnet
> > neighbor internal peer-group
> > neighbor internal remote-as 200
> > neighbor internal update-source Loopback0
> > neighbor internal send-community
> > neighbor AS300 peer-group
> > neighbor AS300 remote-as 300
> > neighbor AS300 update-source Serial0
> > neighbor AS300 route-map AS300 in
> > neighbor 190.19.15.81 peer-group internal
> > neighbor 210.10.10.1 peer-group AS300
> > no auto-summary
> > !
> > ip classless
> > no ip http server
> > ip as-path access-list 1 permit ^300$
> > !
> > route-map setcommunity permit 10
> > set community no-export
> > !
> > route-map localnet permit 10
> > match route-type internal
> > !
> > route-map AS300 permit 10
> > match as-path 1
> > set weight 450
> >
> > Some people have asked questions about the
> internal peer-group. In AS200
> EIGRP
> > is running and all routers are point to a Route
> Reflector that has a
> loopback
> > address of 190.19.15.81. The requirement was that
> AS200 neighbor
> statements
> > all use loopback addresses. That is why R2 and R3
> point to the same
> neighbor
> > address on the internal peer-group.
> >
> > I know I can change the weight by making the
> modification on the neighbor
> > statement and do away with as-path and route-maps.
> I ran into this issue
> and I
> > am trying to figure out if it is a problem with
> the 12.1(1) code talking
> to
> > 12.1.11 code. I am going to upgrade the IOS and
> test it soon. I have
> checked
> > CCO and didn't find a bug related to it. Thought I
> might see if someone
> saw
> > something I missed. Been staring at it awhile.
> :):)
> >
> > MP
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:32:49 GMT-3