Configuration Guide Vol. 3


14.2.6 BGP4 learned route filtering [SL-L3A]


(1) Learning conditional routes common to all peers

Configure the switch to learn BGP4 routes to any destination network except the routes in the 192.168.0.0/16 range.

Points to note

The example below shows how to use the distribute-list in command to apply learned route filtering consistently among all peers. To filter routes by destination network, use an ip prefix-list filter.

First, configure an ip prefix-list filter to deny routes in the 192.168.0.0/16 range. Then, by referencing this filter from the distribute-list in command, configure BGP4 to filter learned routes by destination network.

Command examples

  1. (config)# ip prefix-list DENY192168LONGER seq 10 deny 192.168.0.0/16 ge 16 le 32

    (config)# ip prefix-list DENY192168LONGER seq 20 permit 0.0.0.0/0 ge 0 le 32

    Configures a prefix-list that denies prefixes in the 192.168.0.0/16 range and permits all other prefixes.

  2. (config)# router bgp 65531

    (config-router)# distribute-list prefix DENY192168LONGER in

    Configures the switch to apply learned route filtering by the specified prefix-list filter to all peers.

  3. (config-router)# end

    # clear ip bgp * in

    Applies the changes to the learned route filtering configuration.

(2) Learning peer-specific conditional routes

The following shows how to configure BGP4 to learn routes received from external peers that have an AS_PATH attribute of 65532 65533 and are not destined for a private address (10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16). A value of 200 is assigned to the LOCAL_PREF attribute of learned routes. Other routes are not learned.

Points to note

Use the neighbor in command to apply learned route filtering to routes learned from individual BGP4 peers. Use route-map to filter a route by conditions other than its destination network, or to modify some of its attributes.

First, configure a prefix-list filter that permits (that is, matches) private addresses, and an ip as-path access-list filter that permits routes with an AS_PATH attribute of 65532 65533. Next, configure route-map to combine these two conditions: one sequence denies routes that match the prefix-list, and a later sequence permits routes that match the as-path filter. Finally, set the neighbor in command for peers that you want to filter by these conditions.

Command examples

  1. (config)# ip prefix-list PRIVATE seq 10 permit 10.0.0.0/8 ge 8 le 32

    (config)# ip prefix-list PRIVATE seq 20 permit 172.16.0.0/12 ge 12 le 32

    (config)# ip prefix-list PRIVATE seq 30 permit 192.168.0.0/16 ge 16 le 32

    Configures prefix-list to permit private addresses.

  2. (config)# ip as-path access-list 2 permit "^65532_65533$"

    Configures an ip as-path access-list filter to permit routes with an AS_PATH attribute of 65532 65533.

  3. (config)# route-map BGP65532IN deny 10

    (config-route-map)# match ip address prefix-list PRIVATE

    (config-route-map)# exit

    Configures the route-map filter BGP65532IN, which denies the private addresses.

  4. (config)# route-map BGP65532IN permit 20

    (config-route-map)# match as-path 2

    (config-route-map)# set local-preference 200

    (config-route-map)# exit

    Configures route-map to assign a value of 200 to the LOCAL_PREF attribute of routes whose AS_PATH attribute matches 65532 65533, and permit those routes. Because BGP65532IN has no other conditions, the filter denies routes that do not match any of the conditions set so far.

  5. (config)# router bgp 65531

    (config-router)# neighbor 172.17.1.1 remote-as 65532

    (config-router)# neighbor 172.17.1.1 route-map BGP65532IN in

    Configures BGP4 to use the route-map filter BGP65532IN to filter routes received from external peers.

  6. (config-router)# end

    # clear ip bgp * in

    Applies the changes to the learned route filtering configuration.
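
The following Python model is an added example, not part of the original guide or the switch software. It replays the evaluation order of the route-map BGP65532IN from (2) over constructed sample routes, so the filter's effect can be checked before it is applied. It assumes that the AS_PATH is rendered as space-separated AS numbers and that the "_" in the as-path expression matches that single space; the function names are hypothetical.

```python
import ipaddress
import re

# prefix-list PRIVATE from step 1 of (2): (action, prefix, ge, le)
PRIVATE = [
    ("permit", "10.0.0.0/8", 8, 32),
    ("permit", "172.16.0.0/12", 12, 32),
    ("permit", "192.168.0.0/16", 16, 32),
]
# as-path access-list 2 from step 2: "^65532_65533$"
# Assumption: "_" is modelled as the single space between AS numbers.
AS_PATH_2 = re.compile(r"^65532 65533$")

def prefix_list_permits(plist, route):
    """First matching entry decides; a route matching no entry is denied."""
    net = ipaddress.ip_network(route)
    for action, prefix, ge, le in plist:
        base = ipaddress.ip_network(prefix)
        if net.subnet_of(base) and ge <= net.prefixlen <= le:
            return action == "permit"
    return False

def bgp65532in(route, as_path):
    """Return the LOCAL_PREF assigned if the route is learned, else None."""
    # Sequence 10 (deny): match ip address prefix-list PRIVATE
    if prefix_list_permits(PRIVATE, route):
        return None
    # Sequence 20 (permit): match as-path 2, set local-preference 200
    if AS_PATH_2.match(as_path):
        return 200
    # No sequence matched: the route is not learned.
    return None

# Constructed sample updates: (destination network, AS_PATH)
SAMPLES = [
    ("203.0.113.0/24", "65532 65533"),         # public, expected path
    ("10.1.0.0/16", "65532 65533"),            # private, expected path
    ("172.16.5.0/24", "65532 65533"),          # private, expected path
    ("172.32.0.0/16", "65532 65533"),          # just outside 172.16.0.0/12
    ("198.51.100.0/24", "65532"),              # shorter AS_PATH
    ("198.51.100.0/24", "65532 65533 65534"),  # longer AS_PATH
]

def evaluate(samples=SAMPLES):
    return [(r, p, bgp65532in(r, p)) for r, p in samples]

if __name__ == "__main__":
    for route, path, pref in evaluate():
        print(f"{route:18} [{path}] ->",
              f"learned, LOCAL_PREF {pref}" if pref else "not learned")
```

Swapping sequences 10 and 20 in the model shows why the order matters: private prefixes carrying the AS_PATH 65532 65533 would then be learned.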