Re: BGP Path Filtering By Neighbor

From: Anthony Sequeira (terry.francona@gmail.com)
Date: Tue Jun 21 2005 - 01:51:11 GMT-3

• Next message: John Matus: "Re: icmp - time-exceeded vs ttl-exceeded"
• Previous message: Brian Dennis: "RE: icmp - time-exceeded vs ttl-exceeded"
• Maybe in reply to: Anthony Sequeira: "BGP Path Filtering By Neighbor"
• Next in thread: Brian McGahan: "RE: BGP Path Filtering By Neighbor"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Gotcha there - and by "pass" they mean - do NOT match!

OK - I got it now.

Brian - you need to writing their documentation - perhaps you can fit that in?

On 6/20/05, Brian McGahan <bmcgahan@internetworkexpert.com> wrote:
> Anthony,
>
> The problem is that they're referencing the wrong list numbers.
> The example should read:
>
> > BGP Path Filtering by Neighbor Examples
> > The following example shows BGP path filtering by neighbor. Only the
> > routes that pass autonomous system path access list 2 will be sent to
> > 193.1.12.10. Similarly, only routes passing access list 3 will be
> > accepted from 193.1.12.10.
> >
> > router bgp 200
> > neighbor 193.1.12.10 remote-as 100
> > neighbor 193.1.12.10 filter-list 2 out
> > neighbor 193.1.12.10 filter-list 3 in
> >
> > ip as-path access-list 2 permit _200$
> > ip as-path access-list 2 permit ^100$
> > ip as-path access-list 3 deny _690$
> > ip as-path access-list 3 permit .*
>
>
> HTH,
>
> Brian McGahan, CCIE #8593
> bmcgahan@internetworkexpert.com
>
> Internetwork Expert, Inc.
> http://www.InternetworkExpert.com
> Toll Free: 877-224-8987 x 705
> Outside US: 775-826-4344 x 705
> 24/7 Support: http://forum.internetworkexpert.com
> Live Chat: http://www.internetworkexpert.com/chat/
>
>
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of
> > Anthony Sequeira
> > Sent: Monday, June 20, 2005 9:33 PM
> > To: Cisco certification
> > Subject: BGP Path Filtering By Neighbor
> >
> > OK - looks like the DOC-CD author was a bit tired when they wrote
> > this. I think they are dead wrong here and also have an obvious
> > "binding" error:
> >
> > BEGIN QUOTE
> > BGP Path Filtering by Neighbor Examples
> > The following example shows BGP path filtering by neighbor. Only the
> > routes that pass autonomous system path access list 2 will be sent to
> > 193.1.12.10. Similarly, only routes passing access list 3 will be
> > accepted from 193.1.12.10.
> >
> > router bgp 200
> > neighbor 193.1.12.10 remote-as 100
> > neighbor 193.1.12.10 filter-list 1 out
> > neighbor 193.1.12.10 filter-list 2 in
> >
> > ip as-path access-list 1 permit _109_
> > ip as-path access-list 2 permit _200$
> > ip as-path access-list 2 permit ^100$
> > ip as-path access-list 3 deny _690$
> > ip as-path access-list 3 permit .*
> > END QUOTE
> >
> > Am I correct in stating that it is this simple - traffic that matches
> > the as-path access-list will be the traffic that is filtered?
> >
> > For example, if I want to filter traffic that has originated in AS 200
> > - I would simply say:
> > neighbor 189.45.23.10 filter-list 1 out
> >
> > ip as-path access-list 1 permit _200$
> >
> >
> _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html

• Next message: John Matus: "Re: icmp - time-exceeded vs ttl-exceeded"
• Previous message: Brian Dennis: "RE: icmp - time-exceeded vs ttl-exceeded"
• Maybe in reply to: Anthony Sequeira: "BGP Path Filtering By Neighbor"
• Next in thread: Brian McGahan: "RE: BGP Path Filtering By Neighbor"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Jul 06 2005 - 14:43:42 GMT-3