Re: BGP command: neighbor .... filter-list #

From: Packet Man (ccie2b@hotmail.com)
Date: Sat Feb 28 2004 - 18:07:07 GMT-3

• Next message: Howard C. Berkowitz: "RE: BGP versus OSPF/ISIS"
• Previous message: Hoyle, Anthony (AL): "RE: BGP versus OSPF/ISIS"
• Maybe in reply to: ccie2be: "BGP command: neighbor .... filter-list #"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Thanks, that's what I thought but the solution to a practice lab showed
differently. I used to think that I could relie on what I saw in solution
config's based on the idea that those people who wrote these practice labs
knew a keck of alot more than I did. But, now as I get technically
stronger, I see many mistakes. I think one has to be somewhat suspect of
those things that don't make sense.

Thanks again.

>From: <alsontra@hotmail.com>
>Reply-To: <alsontra@hotmail.com>
>To: "ccie2be" <ccie2be@nyc.rr.com>
>CC: <ccielab@groupstudy.com>
>Subject: Re: BGP command: neighbor .... filter-list #
>Date: Sat, 28 Feb 2004 14:13:36 -0800
>
>This is an interesting question, and here are my thoughts.
>
>Univercd says that filter-lists use as-path access-list as quoted below:
>
>"In addition to filtering routing updates based on network numbers, you can
>specify an access list filter on both incoming and outbound updates based
>on
>the BGP autonomous system paths. Each filter is an access list based on
>regular expressions. To specify the access list filter, define an
>autonomous
>system path access list and apply it to updates to and from particular
>neighbors. See the "Regular Expressions" appendix in the Cisco IOS Terminal
>Services Configuration Guide for more information on forming regular
>expressions. "
>http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt2/1cfbgp.htm
>
>The Cisco Press BGP command configuration Handbook states that filter-list
>use as-path information to filter updates, in or out. Neither of these
>references states that an access-list can be used in the match clause for
>the filter-list. Further, all of the examples for filter-lists only use
>as-path lists. As far as the documentation goes, the dilemma your asking
>about could not occur.
>
>I configured ip access-lists in the place of as-path list and quickly
>discovered that access-list will not work. It appears that if you specify
>an
>access-list instead of an as-path list your basically giving a null
>condition that filters all prefixes from the targeted neighbor.
>
><no filter applied>
>R5#sh ip bgp
>BGP table version is 4, local router ID is 223.1.1.5
>Status codes: s suppressed, d damped, h history, * valid, > best, i -
>internal
>Origin codes: i - IGP, e - EGP, ? - incomplete
>
> Network Next Hop Metric LocPrf Weight Path
>*> 3.3.3.0/24 223.1.1.3 0 0 300 i
>*> 3.4.4.0/24 223.1.1.3 0 0 300 i
>* 190.1.1.0/24 223.1.1.6 0 100 i
>*> 223.1.1.2 0 100 i
>+++++++All prefixes show up, no filters applied++++++++++++++
>
><access-list applied to neighbor 223.1.1.3 in for 3.3.3.0/24 prefix>
>R5#sh ip bgp
>BGP table version is 2, local router ID is 223.1.1.5
>Status codes: s suppressed, d damped, h history, * valid, > best, i -
>internal
>Origin codes: i - IGP, e - EGP, ? - incomplete
>
> Network Next Hop Metric LocPrf Weight Path
>*> 190.1.1.0/24 223.1.1.6 0 100 i
>++++++++Filters all routes from neighbor 223.1.1.3++++++++++++
>
>
>Those are my findings. Access-list cannot be used with neighbor filter list
>option in IOS12.2. Perhaps one of the more senior members of this groups
>knows a trick to make this work, but the docs and my finding say it no
>suppose to work. If in fact that was your question?? :-)
>
>02
>
>Alsontra
>
>
>----- Original Message -----
>From: "ccie2be" <ccie2be@nyc.rr.com>
>To: "Group Study" <ccielab@groupstudy.com>
>Sent: Friday, February 27, 2004 1:16 PM
>Subject: BGP command: neighbor .... filter-list #
>
>
> > Hi team,
> >
> > In the above command can the number refer to a regular standard or
>extended
> > access list or does it have to apply to an 'ip as-path access-list'?
> >
> > I ask because I saw an example in a practice lab where the # refers to a
> > regular access list, but I had always thought it had to refer to an ip
>as-path
> > access-list.
> >
> > Also, if it can refer to either, what would happen if both types of
> > access-lists were configured with the same number?
> >
> > thanks in advance
> >
> > _______________________________________________________________________
> > Please help support GroupStudy by purchasing your study materials from:
> > http://shop.groupstudy.com
> >
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
>_______________________________________________________________________
>Please help support GroupStudy by purchasing your study materials from:
>http://shop.groupstudy.com
>
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html

• Next message: Howard C. Berkowitz: "RE: BGP versus OSPF/ISIS"
• Previous message: Hoyle, Anthony (AL): "RE: BGP versus OSPF/ISIS"
• Maybe in reply to: ccie2be: "BGP command: neighbor .... filter-list #"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Mar 05 2004 - 07:13:59 GMT-3