Configuration Guide Vol. 3


14.2.7 BGP4 advertised route filtering [SL-L3A]

(1) Advertise other protocol routes

Among directly connected and static routes, you can configure BGP4 to advertise only those routes whose destination network is the local AS network (192.169.0.0/16).

Points to note

The example below shows how to use the redistribute command to advertise routes that would not be advertised by default. In the redistribute command, specify the protocols that you want advertised.

To define conditions for route advertisement, specify route-map in the redistribute command. Use a prefix-list filter to supply the destination network conditions for the route-map.

Command examples

  1. (config)# ip prefix-list PERMIT192169LONGER seq 10 permit 192.169.0.0/16 ge 16 le 32

    Configures prefix-list to permit only routes in the 192.169.0.0/16 range.

  2. (config)# route-map PERMIT192169LONGER permit 10

    (config-route-map)# match ip address prefix-list PERMIT192169LONGER

    (config-route-map)# exit

    Configures route-map to permit routes in the 192.169.0.0/16 range.

  3. (config)# router bgp 65531

    (config-router)# redistribute connected route-map PERMIT192169LONGER

    (config-router)# redistribute static route-map PERMIT192169LONGER

    Configures the redistribute command to advertise only those static and directly connected routes permitted by the route-map filter PERMIT192169LONGER.

  4. (config-router)# end

    # clear ip bgp * out

    Applies the changes to the advertised route filtering configuration.

(2) Changing advertised routes for each peer

You can restrict which routes are advertised to external peers. This example restricts route advertisement to BGP4 routes received from AS100 whose AS_PATH attribute contains one AS, and directly connected routes and static routes for which the local AS network is the destination (192.169.0.0/16). When advertising routes to peer 172.18.1.1, the switch adds two AS numbers to the AS_PATH. Only BGP4 routes are advertised to internal peers.

Points to note

The example below shows how to use the neighbor out command if you need to apply route filtering to individual peers.

Here, configure a total of four route-map filters: one to redistribute static and directly connected routes, one for advertising to the peer 172.18.1.1, one for advertising to external peers other than 172.18.1.1, and one for internal peers.

For static and directly connected routes, configure an ip prefix-list filter to permit routes in the 192.169.0.0/16 range, and a route-map filter from which to call the filter.

For the peer 172.18.1.1, configure a route-map filter that adds two AS numbers to direct and static routes.

For external peers other than 172.18.1.1, configure an ip as-path access-list filter to permit routes whose AS_PATH attribute contains one AS, and a route-map filter that references the filter.

For internal peers, configure a route-map filter to permit BGP4 routes and deny all others.

Command examples

  1. (config)# ip prefix-list PERMIT192169LONGER seq 10 permit 192.169.0.0/16 ge 16 le 32

    (config)# route-map PERMIT192169LONGER permit 10

    (config-route-map)# match ip address prefix-list PERMIT192169LONGER

    (config-route-map)# exit

    Configures route-map to permit routes in the 192.169.0.0/16 range. This filter is used to redistribute static and direct routes.

  2. (config)# ip as-path access-list 1 permit "^[0-9]+$"

    (config)# route-map BGPEXTOUT permit 10

    (config-route-map)# match protocol connected static

    (config-route-map)# exit

    (config)# route-map BGPEXTOUT permit 20

    (config-route-map)# match protocol bgp

    (config-route-map)# match as-path 1

    (config-route-map)# exit

    Configures route-map to permit direct routes, static routes, and only those BGP routes whose AS_PATH attribute contains one AS. This route-map filter is used to filter advertisement to external peers.

  3. (config)# route-map BGP1721811OUT permit 10

    (config-route-map)# match protocol connected static

    (config-route-map)# set as-path prepend count 2

    (config-route-map)# exit

    (config)# route-map BGP1721811OUT permit 20

    (config-route-map)# match protocol bgp

    (config-route-map)# match as-path 1

    (config-route-map)# set as-path prepend count 2

    (config-route-map)# exit

    Configures route-map to permit direct routes, static routes, and only those BGP routes whose AS_PATH attribute contains one AS, and adds two AS numbers to those routes. This filter is used to filter advertisement to peer 172.18.1.1.

  4. (config)# route-map BGPINTOUT permit 10

    (config-route-map)# match protocol bgp

    (config-route-map)# exit

    Configures route-map to permit only BGP4 routes. This filter is used to filter advertisement to internal peers.

  5. (config)# router bgp 65531

    (config-router)# redistribute connected route-map PERMIT192169LONGER

    (config-router)# redistribute static route-map PERMIT192169LONGER

    Configures the redistribute command to advertise only those static and directly connected routes permitted by the route-map filter PERMIT192169LONGER.

  6. (config-router)# neighbor 172.17.1.1 remote-as 65532

    (config-router)# neighbor 172.17.1.1 route-map BGPEXTOUT out

    Applies the filter BGPEXTOUT when advertising routes to external peers.

  7. (config-router)# neighbor 172.18.1.1 remote-as 65533

    (config-router)# neighbor 172.18.1.1 route-map BGP1721811OUT out

    Applies the filter BGP1721811OUT when advertising routes to external peer 172.18.1.1.

  8. (config-router)# neighbor 192.169.1.1 remote-as 65531

    (config-router)# neighbor 192.169.1.1 route-map BGPINTOUT out

    Applies the filter BGPINTOUT when advertising routes to internal peers.

  9. (config-router)# end

    # clear ip bgp * out

    Applies the changes to the advertised route filtering configuration.
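
The filtering in (1) and (2), modeled in Python as an added example (not code from this guide), to check what each peer would receive before the configuration is applied. The route tuples are constructed samples; the model assumes first-match evaluation with an implicit deny and ignores best-path selection and other BGP advertisement rules.

```python
import ipaddress
import re

# ip prefix-list PERMIT192169LONGER seq 10 permit 192.169.0.0/16 ge 16 le 32
PREFIX_LIST = [("permit", ipaddress.ip_network("192.169.0.0/16"), 16, 32)]
# ip as-path access-list 1 permit "^[0-9]+$"  (AS_PATH holding exactly one AS)
AS_PATH_1 = re.compile(r"^[0-9]+$")
# route-map entries in sequence order: (protocols, needs as-path 1, prepend count)
ROUTE_MAPS = {
    "BGPEXTOUT": [({"connected", "static"}, False, 0), ({"bgp"}, True, 0)],
    "BGP1721811OUT": [({"connected", "static"}, False, 2), ({"bgp"}, True, 2)],
    "BGPINTOUT": [({"bgp"}, False, 0)],
}
PEERS = {"172.17.1.1": "BGPEXTOUT", "172.18.1.1": "BGP1721811OUT",
         "192.169.1.1": "BGPINTOUT"}

def prefix_list_permits(prefix):
    """First matching entry wins; no match means implicit deny."""
    net = ipaddress.ip_network(prefix)
    for action, base, ge, le in PREFIX_LIST:
        if net.subnet_of(base) and ge <= net.prefixlen <= le:
            return action == "permit"
    return False

def advertised(route, peer):
    """Return the prepend count if route goes to peer, or None if filtered."""
    proto, prefix, as_path = route
    # Connected/static routes enter BGP only through the redistribute route-map.
    if proto != "bgp" and not prefix_list_permits(prefix):
        return None
    for protos, needs_as_path, prepend in ROUTE_MAPS[PEERS[peer]]:
        if proto in protos and (not needs_as_path or AS_PATH_1.match(as_path)):
            return prepend
    return None  # implicit deny at the end of the route-map

# Constructed sample routes: (protocol, prefix, received AS_PATH)
SAMPLES = [
    ("connected", "192.169.10.0/24", ""),
    ("static", "10.1.0.0/16", ""),
    ("static", "192.0.0.0/8", ""),
    ("bgp", "203.0.113.0/24", "100"),
    ("bgp", "198.51.100.0/24", "100 200"),
]

if __name__ == "__main__":
    for route in SAMPLES:
        print(route, {peer: advertised(route, peer) for peer in PEERS})
```

The static routes 10.1.0.0/16 and 192.0.0.0/8 never reach any peer because the prefix-list rejects both out-of-range prefixes and shorter covering prefixes at redistribution.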