From: Sara Li (saralilin@hotmail.com)
Date: Mon Nov 04 2002 - 09:06:35 GMT-3
Janto,
your solution .. . hummm, i tried simplified it.
R1(AS100)-----R2(AS300)-----R3(AS300)------R4(AS200)
R1 has route 172.16.1.0/24 in its BGP table.
R4 has route 192.168.1.0/24 in its BGP table.
R2
-----
neighbor R1 route-map setcommunity in
route-map setcommunity permit 10
set community no-export
R3
---- neighbor R4 route-map setcommunity inroute-map setcommunity permit 10 set community no-export
i think this will work. so whatever routes from ebgp neighbor are tag with no-export, so the routes will not exit as300.
am i right?
>From: "Janto Cin" >Reply-To: "Janto Cin" >To: "'Sara Li'" , >Subject: RE: bgp question...help >Date: Mon, 4 Nov 2002 17:43:47 +0700 > >R1(AS100)-----R2(AS300)-----R3(AS300)------R4(AS200) > >R1 has route 172.16.1.0/24 in its BGP table. >R4 has route 192.168.1.0/24 in its BGP table. > >R2 >----- >neighbor R1 route-map setcommunity in >neighbor R1 route-map deny_as200 out > >route-map setcommunity permit 10 >match ip address 1 >set community 100 > >route-map setcommunity permit 20 > >access-list 1 permit 172.16.1.0 >ip community-list 99 permit 200 > >route-map deny_as200 deny 10 >match community-list 99 > >route-map deny_as200 permit 20 > >R3 >---- >neighbor R4 route-map setcommunity in >neighbor R4 route-map deny_as100 out > >route-map setcommunity permit 10 >match ip address 1 >set community 200 > >route-map setcommunity permit 20 > >access-list 1 permit 192.168.1.0 >ip community-list 99 permit 100 > >route-map deny_as100 deny 10 >match community-list 99 > >route-map deny_as100 permit 20 > >Please correct me if I'm wrong. > >Janto > > >-----Original Message----- >From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of >Sara Li >Sent: Monday, November 04, 2002 3:25 PM >To: ccielab@groupstudy.com >Subject: bgp question...help > >i have confederation AS 300 peer with AS100, AS 200. >AS 300 got 3 sub-as 65501,65502,65503. and i dont want AS 300 to be a >trasit as for AS100 and AS 200. >how should i filter it? initially i thougt using as-path filter to allow >only ^$ local as, then it proves only local sub-as routes will go out, >not allow the other two sub as go out of AS 300. then i thoght of using >community no-export. but then, if as100 or as 200 neighbor as want to >reach as 300, they cant as AS 100 or AS 200 wont advertise as 300's >routes.any idea? Sara > >------------------------------------------------------------------------ > >Choose an Internet access plan right for you -- try MSN! Click Here > > >--- >Incoming mail is certified Virus Free. >Checked by AVG anti-virus system (http://www.grisoft.com). >Version: 6.0.410 / Virus Database: 231 - Release Date: 10/31/2002 > > >--- >Outgoing mail is certified Virus Free. >Checked by AVG anti-virus system (http://www.grisoft.com). >Version: 6.0.410 / Virus Database: 231 - Release Date: 10/31/2002
------------------------------------------------------------------------
Get faster connections -- switch to MSN Internet Access! Click Here
This archive was generated by hypermail 2.1.4 : Tue Dec 03 2002 - 07:22:52 GMT-3