RE: BGP Path Filtering By Neighbor

From: Brian McGahan (bmcgahan@internetworkexpert.com)
Date: Tue Jun 21 2005 - 12:21:34 GMT-3

By "pass" they mean are permitted.

HTH,

Brian McGahan, CCIE #8593
bmcgahan@internetworkexpert.com

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987 x 705
Outside US: 775-826-4344 x 705
24/7 Support: http://forum.internetworkexpert.com
Live Chat: http://www.internetworkexpert.com/chat/

> -----Original Message-----
> From: Anthony Sequeira [mailto:terry.francona@gmail.com]
> Sent: Monday, June 20, 2005 11:51 PM
> To: Brian McGahan
> Cc: Cisco certification
> Subject: Re: BGP Path Filtering By Neighbor
>
> Gotcha there - and by "pass" they mean - do NOT match!
>
> OK - I got it now.
>
> Brian - you need to writing their documentation - perhaps you can fit
that
> in?
>
> On 6/20/05, Brian McGahan <bmcgahan@internetworkexpert.com> wrote:
> > Anthony,
> >
> > The problem is that they're referencing the wrong list
numbers.
> > The example should read:
> >
> > > BGP Path Filtering by Neighbor Examples
> > > The following example shows BGP path filtering by neighbor. Only
the
> > > routes that pass autonomous system path access list 2 will be sent
to
> > > 193.1.12.10. Similarly, only routes passing access list 3 will be
> > > accepted from 193.1.12.10.
> > >
> > > router bgp 200
> > > neighbor 193.1.12.10 remote-as 100
> > > neighbor 193.1.12.10 filter-list 2 out
> > > neighbor 193.1.12.10 filter-list 3 in
> > >
> > > ip as-path access-list 2 permit _200$
> > > ip as-path access-list 2 permit ^100$
> > > ip as-path access-list 3 deny _690$
> > > ip as-path access-list 3 permit .*
> >
> >
> > HTH,
> >
> > Brian McGahan, CCIE #8593
> > bmcgahan@internetworkexpert.com
> >
> > Internetwork Expert, Inc.
> > http://www.InternetworkExpert.com
> > Toll Free: 877-224-8987 x 705
> > Outside US: 775-826-4344 x 705
> > 24/7 Support: http://forum.internetworkexpert.com
> > Live Chat: http://www.internetworkexpert.com/chat/
> >
> >
> > > -----Original Message-----
> > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
Behalf
> > Of
> > > Anthony Sequeira
> > > Sent: Monday, June 20, 2005 9:33 PM
> > > To: Cisco certification
> > > Subject: BGP Path Filtering By Neighbor
> > >
> > > OK - looks like the DOC-CD author was a bit tired when they wrote
> > > this. I think they are dead wrong here and also have an obvious
> > > "binding" error:
> > >
> > > BEGIN QUOTE
> > > BGP Path Filtering by Neighbor Examples
> > > The following example shows BGP path filtering by neighbor. Only
the
> > > routes that pass autonomous system path access list 2 will be sent
to
> > > 193.1.12.10. Similarly, only routes passing access list 3 will be
> > > accepted from 193.1.12.10.
> > >
> > > router bgp 200
> > > neighbor 193.1.12.10 remote-as 100
> > > neighbor 193.1.12.10 filter-list 1 out
> > > neighbor 193.1.12.10 filter-list 2 in
> > >
> > > ip as-path access-list 1 permit _109_
> > > ip as-path access-list 2 permit _200$
> > > ip as-path access-list 2 permit ^100$
> > > ip as-path access-list 3 deny _690$
> > > ip as-path access-list 3 permit .*
> > > END QUOTE
> > >
> > > Am I correct in stating that it is this simple - traffic that
matches
> > > the as-path access-list will be the traffic that is filtered?
> > >
> > > For example, if I want to filter traffic that has originated in AS
200
> > > - I would simply say:
> > > neighbor 189.45.23.10 filter-list 1 out
> > >
> > > ip as-path access-list 1 permit _200$
> > >
> > >
> >

This archive was generated by hypermail 2.1.4 : Wed Jul 06 2005 - 14:43:42 GMT-3