Advice Requested - Filtering Inbound BGP Default Routes
From: Dufour, Andre (Andre.Dufour@PAETEC.com)
Date: Tue Jan 20 2009 - 16:38:01 ARST
Hello all,
Any input (sarcastic or otherwise b�: ) would be appreciated. Ib�m looking for what would be the best and simplest approach and would like to hear the different approaches.
Andre
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
Scenario for Inbound Routes received from router B:
Router A (AS65000) is peering with router B (AS 65534); straight eBGP peering; nothing fancy.
1) Router A needs to allow only a default route if the default route was originated in AS 65001 (_65001$).
2) All other default routes should be denied no matter the ASN.
3) All other routes, no matter where they are originated (no matter the AS), should be allowed / learned.
Router A Mock Config
!
ip as-path access-list 199 deny _65001$
ip as-path access-list 199 permit .*
!
ip prefix-list default-route seq 5 permit 0.0.0.0/0
!
route-map primary-in deny 10
match ip address prefix-list default-route
match as-path 199
!
route-map primary-in permit 20
set local-preference 150
!
router bgp 6500
neighbor 74.11.64.93 route-map primary-in in
!
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4
: Sun Mar 01 2009 - 09:43:39 ARST