30.2.6 BGP4 + learned route filtering [SL-L3A]
- <Structure of this section>
(1) Learning Conditional Routes Common to All Peers
Configure the switch to learn BGP4+ routes to any destination network except the routes in the 3ffe:501::/32 range.
- Points to note
-
The example below shows how to use the distribute-list in command to apply learned route filtering consistently among all peers. To filter routes by destination network, use an ipv6 prefix-list filter.
First, configure an ipv6 prefix-list filter to deny routes in the 3ffe:501::/32 range. Then, by referencing this filter from the distribute-list in command, configure BGP4+ to filter learned routes by destination network.
Command examples
-
(config)# ipv6 prefix-list LONGER3ffe0501DENY seq 10 deny 3ffe:501::/32 ge 32 le 128
(config)# ipv6 prefix-list LONGER3ffe0501DENY seq 20 permit ::/0 ge 0 le 128
Configures prefix-list to deny prefixes in the 3ffe:501::/32 range but permits all other prefixes.
-
(config)# router bgp 65531
(config-router)# address-family ipv6
(config-router-af)# distribute-list prefix-list LONGER3ffe0501DENY in
Configures the switch to apply learned route filtering by the specified prefix-list filter to all peers.
-
(config-router-af)# end
# clear ipv6 bgp * in
Applies the changes to the learned route filtering configuration.
(2) Learning peer-specific conditional routes
The following shows how to configure BGP4+ to learn routes received from external peers that have an AS_PATH attribute of 65532 65533 and are not destined for the 3ffe:501::/32 address range. The switch assigns a value of 200 to the LOCAL_PREF attribute of learned routes. Other routes are not learned.
- Points to note
-
The example below shows how to use the neighbor in command to apply learned route filtering to routes learned from individual BGP4+ peers. Use route-map to filter a route by conditions other than its destination network, or to modify some of its attributes.
First, configure a prefix-list filter to permit routes in the 3ffe:501::/32 range, and an ip as-path access-list filter to permit routes with an AS_PATH attribute of 65532 65533. Next, configure route-map to combine these two conditions. Finally, set the neighbor in command for peers that you want to filter by these conditions.
Command examples
-
(config)# ipv6 prefix-list LONGER3ffe0501 seq 10 permit 3ffe:501::/32 ge 32 le 128
Configures prefix-list to permit routes whose prefix is within the 3ffe:501::/32 range.
-
(config)# ip as-path access-list 2 permit "^65532_65533$"
Configures an ip as-path access-list filter to permit routes with an AS_PATH attribute of 65532 65533.
-
(config)# route-map BGP65532IN deny 10
(config-route-map)# match ipv6 address prefix-list LONGER3ffe0501
(config-route-map)# exit
Configures the route-map filter BGP65502IN to deny routes destined for the 3ffe:501::/32 address range.
-
(config)# route-map BGP65532IN permit 20
(config-route-map)# match as-path 2
(config-route-map)# set local-preference 200
(config-route-map)# exit
Configures route-map to assign a value of 200 to the LOCAL_PREF attribute of routes whose AS_PATH attribute matches 65532 65533, and permit those routes. Because BGP65532IN has no other conditions, the filter denies routes that do not match any of the conditions set so far.
-
(config)# router bgp 65531
(config-router)# neighbor 3ffe:502:811:1::1 remote-as 65532
(config-router)# address-family ipv6
(config-router-af)# neighbor 3ffe:502:811:1::1 route-map BGP65532IN in
Configures BGP4+ to use the route-map filter BGP65532IN to filter routes received from external peers.
-
(config-router-af)# end
# clear ipv6 bgp * in
Applies the changes to the learned route filtering configuration.