05-12-2020 07:31 AM
Hi , please help to understand below config.Can you please confirm either prefix 10.110.10.0/24 will be recieved OR both 10.110.10.0/24 & 10.110.11.0/24
router# router bgp 64512
neighbor 10.11.131.2 route-map route in
route-map route permit 10
match ip address prefix-list allow
match community 15
set community no-export additive
!
route-map route deny 30
!
ip prefix-list allow seq 10 permit 10.110.10.0/24
!
router# sh ip bgp community-list 15
Network Next Hop Metric LocPrf Weight Path
>i 10.110.10.0/24 X.X.X.X 0 100 0 4103 65525 i
>i 10.110.11.0/24 X.X.X.X 0 100 0 4103 65525 i
Solved! Go to Solution.
05-12-2020 02:09 PM
Hello @Anukalp S ,
the first route-map clause has two match criteria and as explained by @paul driver both match criteria must be met in order to have a match in that route-map clause. It is a boolean AND:
if ( the prefix match communily-list 15 ) AND (prefix-list allow) then it is a match it is permitted and the NO_EXPORT community is added to it
prefix 10.110.11.0/24 is not permitted by prefix-list allow so it is not able to pass the combined criteria in AND.
There is not a winner match, simply the prefix-list is more selective then the community-list. Both match must be satisfied to have a match for the route-map ( the boolean AND operation reported above)
Hope to help
Giuseppe
05-12-2020 07:48 AM - edited 05-12-2020 07:50 AM
Hello
The route-map will be read for both match statements only, So if an match isnt found for either match statements then the set command isnt applicable.
05-12-2020 08:18 AM
Hi Paul, Thanks but which prefix will be received in BGP table as route map is applied inbound in bgp, only 10.110.10.0/24 OR both 10.110.10.0/24 & 10.110.11.0/24
05-12-2020 08:58 AM - edited 05-12-2020 09:02 AM
Hello @Anukalp S ,
to be able to answer to your questions we would need to know:
a) what community value(s) are permitted by community-list 15 invoked in the route-map with match community 15
b) we should know what BGP community value(s) one ore more are attached to the two prefixes . This level of detail is given by
show ip bgp 10.110.10.0
show ip bgp 10.110.11.0
if the prefix 10.110.10.0/24 is a match for community-list 15 as explained above it has a BGP community value that matches one of the values permitted by community-list 15 then it is a match for the first route-map clause.
Edit:
by reviewing original post we can say that both prefixes match community-list 15 but only 10.110.10.0/24 is also a match for the prefix-list.
So prefix 10.110.10.0/24 is accepted and can be advertised to other iBGP peers but not to eBGP peers.
Prefix 10.110.11.0/24 matches the last route-map clause deny 30 and so it is filtered inbound
Hope to help
Giuseppe
05-12-2020 11:20 AM
Hi Giuseppe,
Thanks, so here prefix-list matching prefix 10.110.10.0/24 will win over community matching both 10.110.10.0/24 & 10.110.11.0/24 thus only prefix 10.110.10.0/24 will be accepted.
05-12-2020 02:09 PM
Hello @Anukalp S ,
the first route-map clause has two match criteria and as explained by @paul driver both match criteria must be met in order to have a match in that route-map clause. It is a boolean AND:
if ( the prefix match communily-list 15 ) AND (prefix-list allow) then it is a match it is permitted and the NO_EXPORT community is added to it
prefix 10.110.11.0/24 is not permitted by prefix-list allow so it is not able to pass the combined criteria in AND.
There is not a winner match, simply the prefix-list is more selective then the community-list. Both match must be satisfied to have a match for the route-map ( the boolean AND operation reported above)
Hope to help
Giuseppe
05-12-2020 11:39 PM
Thanks Giuseppe for clarification
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide