RE: BGP Path Filtering By Neighbor

From: Brian McGahan (bmcgahan@internetworkexpert.com)
Date: Mon Jun 20 2005 - 23:46:57 GMT-3

• Next message: John Matus: "ip multicast stub routing"
• Previous message: chon_mon@nym.hush.com: "RE: VPN timeout issues"
• Maybe in reply to: Anthony Sequeira: "BGP Path Filtering By Neighbor"
• Next in thread: Anthony Sequeira: "Re: BGP Path Filtering By Neighbor"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Anthony,

        The problem is that they're referencing the wrong list numbers.
The example should read:

> BGP Path Filtering by Neighbor Examples
> The following example shows BGP path filtering by neighbor. Only the
> routes that pass autonomous system path access list 2 will be sent to
> 193.1.12.10. Similarly, only routes passing access list 3 will be
> accepted from 193.1.12.10.
>
> router bgp 200
> neighbor 193.1.12.10 remote-as 100
> neighbor 193.1.12.10 filter-list 2 out
> neighbor 193.1.12.10 filter-list 3 in
>
> ip as-path access-list 2 permit _200$
> ip as-path access-list 2 permit ^100$
> ip as-path access-list 3 deny _690$
> ip as-path access-list 3 permit .*

HTH,

Brian McGahan, CCIE #8593
bmcgahan@internetworkexpert.com

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987 x 705
Outside US: 775-826-4344 x 705
24/7 Support: http://forum.internetworkexpert.com
Live Chat: http://www.internetworkexpert.com/chat/

> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
Of
> Anthony Sequeira
> Sent: Monday, June 20, 2005 9:33 PM
> To: Cisco certification
> Subject: BGP Path Filtering By Neighbor
>
> OK - looks like the DOC-CD author was a bit tired when they wrote
> this. I think they are dead wrong here and also have an obvious
> "binding" error:
>
> BEGIN QUOTE
> BGP Path Filtering by Neighbor Examples
> The following example shows BGP path filtering by neighbor. Only the
> routes that pass autonomous system path access list 2 will be sent to
> 193.1.12.10. Similarly, only routes passing access list 3 will be
> accepted from 193.1.12.10.
>
> router bgp 200
> neighbor 193.1.12.10 remote-as 100
> neighbor 193.1.12.10 filter-list 1 out
> neighbor 193.1.12.10 filter-list 2 in
>
> ip as-path access-list 1 permit _109_
> ip as-path access-list 2 permit _200$
> ip as-path access-list 2 permit ^100$
> ip as-path access-list 3 deny _690$
> ip as-path access-list 3 permit .*
> END QUOTE
>
> Am I correct in stating that it is this simple - traffic that matches
> the as-path access-list will be the traffic that is filtered?
>
> For example, if I want to filter traffic that has originated in AS 200
> - I would simply say:
> neighbor 189.45.23.10 filter-list 1 out
>
> ip as-path access-list 1 permit _200$
>
>

• Next message: John Matus: "ip multicast stub routing"
• Previous message: chon_mon@nym.hush.com: "RE: VPN timeout issues"
• Maybe in reply to: Anthony Sequeira: "BGP Path Filtering By Neighbor"
• Next in thread: Anthony Sequeira: "Re: BGP Path Filtering By Neighbor"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Jul 06 2005 - 14:43:42 GMT-3