08-17-2018 03:08 PM
Hi Everyone,
I have a question about BGP.
I would like to adapt the BGP community sent by my router based on an ACL.
I have 2 routers
R1 sets a community of 0 on all routes and R2 sets 10095 on all routes.
R1 is the primary router and R2 the secondary.
For 3 ip's I would like R2 to become the preferred router. In and out traffic.
So on R1 in my router bgp xxxx config I have created a route-map
"neighbor x.x.x.x route-map BGP-FILTER-OUT out"
This route map sets the community of all routes to 0
route-map BGP-FILTER-OUT permit 10
match ip address bgp-routes
set community xxxx:0
!
How do I add the second part? Can I add it to sequence 10?
match ip address bgp-3ips
set community xxxx:10095.
If I create a sequence 20. I will never be executed since sequence 10 always has a hit.
I tried creating the sequence 20 and adding "continue 20" in sequence 10, but without success.
Any tips?
Thanks,
J.
Solved! Go to Solution.
08-18-2018 01:55 AM
Here is a sample config:
ip prefix-list bgp-routes deny 1.1.1.1/32
ip prefix-list bgp-routes deny 2.2.2.2/32
ip prefix-list bgp-routes deny 3.3.3.3/32
ip prefix-list bgp-routes permit 0.0.0.0/le 32
!
ip prefix-list bgp-3ips permit 1.1.1.1/32
ip prefix-list bgp-3ips permit 2.2.2.2/32
ip prefix-list bgp-3ips permit 3.3.3.3/32
!
route-map BGP-FILTER-OUT permit 10
match ip address prefix-list bgp-routes
set community xxxx:0
!
route-map BGP-FILTER-OUT permit 20
match ip address prefix-list bgp-3ips
set community xxxx:10095
08-17-2018 03:34 PM - edited 08-17-2018 03:34 PM
Hi Joris,
You would need to add it as sequence 5, so it takes precedence over sequence 10.
This way, if it doesn't match the access list in sequence 5, it will pass automatically to sequence 10 and perform the action defined in sequence 10.
Regards,
08-17-2018 11:24 PM
Hello Harold,
Thanks for the help.
If I were to create sequence 5 and it has a match, wouldn't it skip sequence 10?
I always need to execute sequence 10 as well.
Thanks,
J.
08-18-2018 01:21 AM
Hello,
why not just exclude the three routes from the match statement in the first access list, so they don't get community 0 set, and then match them in a second access list ?
08-18-2018 01:55 AM
Here is a sample config:
ip prefix-list bgp-routes deny 1.1.1.1/32
ip prefix-list bgp-routes deny 2.2.2.2/32
ip prefix-list bgp-routes deny 3.3.3.3/32
ip prefix-list bgp-routes permit 0.0.0.0/le 32
!
ip prefix-list bgp-3ips permit 1.1.1.1/32
ip prefix-list bgp-3ips permit 2.2.2.2/32
ip prefix-list bgp-3ips permit 3.3.3.3/32
!
route-map BGP-FILTER-OUT permit 10
match ip address prefix-list bgp-routes
set community xxxx:0
!
route-map BGP-FILTER-OUT permit 20
match ip address prefix-list bgp-3ips
set community xxxx:10095
08-20-2018 06:29 AM
Hi Georg,
This doesn't seem to work for me. No changes are made to BGP.
I seem to get mixed explanations on what the route map does.
If I have a match and set in sequence 5, does the route-map continue with sequence 10, or does it stop because it has found a match.
So create a sequence 5
route-map BGP-FILTER-OUT permit 5
match ip address prefix-list bgp-3ips
set community xxxx:10095
route-map BGP-FILTER-OUT permit 10
match ip address prefix-list bgp-routes
set community xxxx:0
!
08-20-2018 06:32 AM
Hello,
did you configure the prefix lists exactly as in my example ? Post your running config...I tested this in GNS3....
08-21-2018 06:37 AM
Hi,
Works fine now. Did not have the correct static route redistributed in bgp.
Thanks for the help.
br,
J
08-18-2018 08:23 AM
You can actually set both communities on the sequence 5. That would solve your problem, wouldn't it?
Regards,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide