Re: BGP AS-Path access list

From: Godswill Oletu (oletu@inbox.lv)
Date: Wed Jun 21 2006 - 13:49:45 ART


Sami,

If the Task states 'AS200 to only SEND out traffic from this link to AS100',
'show ip bgp' on AS200 will not be able to tell you if your filtering is
working or not? Use 'show ip bgp' on AS100 instead.

- This has some element of community, but I do not know of any community
attribute that will instruct the receiving router to only send the routes to
its directly connected customers. Even if one crosses that hurdle, how will
you ensure that the directly connected customers do not send these routes to
the next router(s) (since this will be required in order to fulfill the
aspect of the task that said 'ONLY')?

I also see that you are including AS100 in your match criteria, which
might be wrong. Your as-path list is matching traffic received from AS100.
If the task you stated in your email is correct, matching traffic received
from AS100 in an as-path list that will be used to filter traffic that will
be sent to AS100 might not be a good thing to do? AS100's loop prevention
mechanism by default will drop traffic if it sees its own ASN in the path
list, so the as-path access list will not achieve anything.

Don't you think the question is worded something like .... 'AS200 should
only RECEIVE traffic from AS100 & its directly connected customers'?

A little clarity or running-config will be good.

HTH
Godswill Oletu

----- Original Message -----
From: "Sami" <sy1977@gmail.com>
To: <ccielab@groupstudy.com>
Sent: Wednesday, June 21, 2006 11:40 AM
Subject: BGP AS-Path access list

> Group,
>
> One of the tasks says to configure AS200 so that it will only send out traffic from
> this link to AS100 and its directly connected customer.
> I configured an as-path access list as below, but R2 is still receiving routes
> from other than 100 and 54. What could be the problem?
>
> *R2#show ip as-path-access-list
> AS path access list 58
> permit ^100(_[0-9]+)?$
> *
> R2#show running-config | section bgp
> router bgp 200
> no synchronization
> bgp router-id 150.1.2.2
> bgp log-neighbor-changes
> network 129.1.3.0 mask 255.255.255.128
> network 129.1.3.128 mask 255.255.255.128
> network 129.1.17.0 mask 255.255.255.0
> aggregate-address 129.1.0.0 255.255.0.0
> neighbor 129.1.23.3 remote-as 200
> neighbor 129.1.23.3 next-hop-self
> neighbor 129.1.23.3 route-map R4 out
> neighbor 129.1.124.4 remote-as 100
> neighbor 129.1.124.4 route-map default in
> neighbor 129.1.124.4 route-map R4 out
> *neighbor 129.1.124.4 filter-list 58 in
> * neighbor 192.10.1.254 remote-as 254
> neighbor 192.10.1.254 password CISCO
> no auto-summary
>
>
> R2#show ip bgp
> BGP table version is 39, local router ID is 150.1.2.2
> Status codes: s suppressed, d damped, h history, * valid, > best, i -
> internal,
> r RIB-failure, S Stale
> Origin codes: i - IGP, e - EGP, ? - incomplete
>
> Network Next Hop Metric LocPrf Weight Path
> *>i0.0.0.0 129.1.17.7 0 500 0 100 i
> * 129.1.124.4 0 200 0 100 i
> *> 28.119.16.0/24 129.1.124.4 0 100 54 i
> * i 129.1.124.4 0 100 0 100 54 i
> *> 28.119.17.0/24 129.1.124.4 0 100 54 i
> * i 129.1.124.4 0 100 0 100 54 i
> **>i112.0.0.0 129.1.124.4 0 100 0 100 54 50 60
> i
> *>i113.0.0.0 129.1.124.4 0 100 0 100 54 50 60
> i
> **> 114.0.0.0 129.1.124.4 0 100 54 i
> * i 129.1.124.4 0 100 0 100 54 i
> *> 115.0.0.0 129.1.124.4 0 100 54 i
> * i 129.1.124.4 0 100 0 100 54 i
> *> 116.0.0.0 129.1.124.4 0 100 54 i
> * i 129.1.124.4 0 100 0 100 54 i
> *> 117.0.0.0 129.1.124.4 0 100 54 i
> * i 129.1.124.4 0 100 0 100 54 i
> *> 118.0.0.0 129.1.124.4 0 100 54 i
>
> Thanks
>

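An added illustration, not part of either poster's message: the sketch below evaluates the posted as-path list 58 against AS paths taken from the quoted 'show ip bgp' output, applying it only to the neighbor where the posted config applies it (129.1.124.4, inbound). The function names are hypothetical, the route list is constructed from the quoted table, and it is an assumption that the internal copy of 112.0.0.0 arrives from 129.1.23.3, the only iBGP neighbor in the posted config.

```python
import re

# In an IOS AS-path regex, "_" matches start of string, end of string,
# a space, a comma, a brace or a parenthesis. Everything else used here
# has the same meaning in Python's re module.
IOS_UNDERSCORE = r"(?:^|$|[ ,{}()])"


def ios_aspath_regex(pattern):
    """Compile an IOS AS-path regex by translating only the '_' token."""
    return re.compile(pattern.replace("_", IOS_UNDERSCORE))


def filter_list_permits(pattern, as_path):
    """True if a one-line 'permit <pattern>' list accepts as_path.

    Anything that does not match falls through to the implicit deny.
    """
    return ios_aspath_regex(pattern).search(as_path) is not None


def accepted(routes, pattern, filtered_neighbor):
    """Keep routes, applying the inbound filter only to filtered_neighbor."""
    return [
        (prefix, neighbor, as_path)
        for prefix, neighbor, as_path in routes
        if neighbor != filtered_neighbor or filter_list_permits(pattern, as_path)
    ]


FILTER_58 = r"^100(_[0-9]+)?$"   # as-path access list 58 from the post
EBGP_PEER = "129.1.124.4"        # AS100 neighbor carrying 'filter-list 58 in'
IBGP_PEER = "129.1.23.3"         # AS200 neighbor, no filter-list configured

# Constructed sample: (prefix, advertising neighbor, AS path).
# The eBGP copy of 112.0.0.0 is assumed; it is the one the filter would drop.
ROUTES = [
    ("0.0.0.0", EBGP_PEER, "100"),
    ("28.119.16.0/24", EBGP_PEER, "100 54"),
    ("112.0.0.0", EBGP_PEER, "100 54 50 60"),
    ("112.0.0.0", IBGP_PEER, "100 54 50 60"),
]

if __name__ == "__main__":
    for prefix, neighbor, as_path in accepted(ROUTES, FILTER_58, EBGP_PEER):
        print(f"{prefix:16} via {neighbor:12} path {as_path}")
```

In this model the list does what its regex says on the AS100 session, and the longer path is still present because it is learned on a session the list is not attached to, which matches the `i` (internal) flag on those entries in the quoted table.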

