From: Roberto Fernandez (rofernandez@us.telefonica.com)
Date: Wed Jun 21 2006 - 14:26:19 ART
Samy,
Elias is correct; with BGP you have absolute control of your outgoing
traffic. But you have to understand how it works:
In this case you don't want to send traffic to certain "places" and;
those places are identified by means of their AS number, so... it is
there a better solution that not even knowing about those "places"?
Well your solution is make yourself ignorant about those places, by
filtering them out before your router is able to process them into your
routing table. That's why here you should filter INBOUND:
neighbor 129.1.23.3 route-map R4 in
Instead of OUTBOUND:
neighbor 129.1.23.3 route-map R4 in
as your configuration shows.
Outbound route filtering works the opposite, and works towards
controlling the incoming traffic by "enlightening" or "leaving in the
dark" your neighbors about the routes on your own BGP domain.
Best Regards,
Roberto
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Elias Chari
Sent: Wednesday, June 21, 2006 12:58 PM
To: Bajo
Cc: Sami; ccielab@groupstudy.com
Subject: Re: BGP AS-Path access list
If you want to send traffic only to as XYZ and its directly attached
customers, your filtering policy should be inbound, so that you only
receive
routes with path 100_<attachedAS>
neighbor 129.1.23.3 route-map R4 in
On 6/21/06, Bajo <bajoalex@gmail.com> wrote:
>
> Hi Sami,
>
> I do not see you denying any other routes on other neighbours (am not
sure
> about the route-maps but as-path list 58 is applied only once).
>
> Did lab you case with a deny and it works.
>
> Do "sh ip bg regexp ^200(_[0-9]+)$" on R2.
>
>
> On 6/21/06, Sami <sy1977@gmail.com> wrote:
> >
> > Group,
> >
> > One of task say configure AS200 so that it will only send out
traffic
> from
> > this link to AS100 and it's directly connected customer.
> > I configured as-path access list as below but still R2 is receiving
> routes
> > from other than 100 and 54. what could be the problem ?
> >
> > *R2#show ip as-path-access-list
> > AS path access list 58
> > permit ^100(_[0-9]+)?$
> > *
> > R2#show running-config | section bgp
> > router bgp 200
> > no synchronization
> > bgp router-id 150.1.2.2
> > bgp log-neighbor-changes
> > network 129.1.3.0 mask 255.255.255.128
> > network 129.1.3.128 mask 255.255.255.128
> > network 129.1.17.0 mask 255.255.255.0
> > aggregate-address 129.1.0.0 255.255.0.0
> > neighbor 129.1.23.3 remote-as 200
> > neighbor 129.1.23.3 next-hop-self
> > neighbor 129.1.23.3 route-map R4 out
> > neighbor 129.1.124.4 remote-as 100
> > neighbor 129.1.124.4 route-map default in
> > neighbor 129.1.124.4 route-map R4 out
> > *neighbor 129.1.124.4 filter-list 58 in
> > * neighbor 192.10.1.254 remote-as 254
> > neighbor 192.10.1.254 password CISCO
> > no auto-summary
> >
> >
> > R2#show ip bgp
> > BGP table version is 39, local router ID is 150.1.2.2
> > Status codes: s suppressed, d damped, h history, * valid, > best, i
-
> > internal,
> > r RIB-failure, S Stale
> > Origin codes: i - IGP, e - EGP, ? - incomplete
> >
> > Network Next Hop Metric LocPrf Weight Path
> > *>i0.0.0.0 129.1.17.7 0 500 0 100 i
> > * 129.1.124.4 0 200 0 100 i
> > *> 28.119.16.0/24 129.1.124.4 0 100 54
i
> > * i 129.1.124.4 0 100 0 100 54
i
> > *> 28.119.17.0/24 129.1.124.4 0 100 54
i
> > * i 129.1.124.4 0 100 0 100 54
i
> > **>i112.0.0.0 129.1.124.4 0 100 0 100 54
50
> 60
> > i
> > *>i113.0.0.0 129.1.124.4 0 100 0 100 54
50
> 60
> > i
> > **> 114.0.0.0 129.1.124.4 0 100 54
i
> > * i 129.1.124.4 0 100 0 100 54
i
> > *> 115.0.0.0 129.1.124.4 0 100 54
i
> > * i 129.1.124.4 0 100 0 100 54
i
> > *> 116.0.0.0 129.1.124.4 0 100 54
i
> > * i 129.1.124.4 0 100 0 100 54
i
> > *> 117.0.0.0 129.1.124.4 0 100 54
i
> > * i 129.1.124.4 0 100 0 100 54
i
> > *> 118.0.0.0 129.1.124.4 0 100 54
i
> >
> > Thanks
> >
> >
This archive was generated by hypermail 2.1.4 : Sat Jul 01 2006 - 07:57:33 ART