04-23-2009 11:01 AM - edited 03-04-2019 04:29 AM
I'm trying to prevent a single host address from being injected into my providers MPLS network and even with the distribute-list it stills show up in the AS. Thanks..
router bgp 200
no synchronization
bgp log-neighbor-changes
network 10.2.20.0 mask 255.255.255.0
redistribute connected
neighbor 1.1.1.1 remote-as 65000
neighbor 1.1.1.1 route-map SETMED out
distribute-list 10 out
-even tried neighbor 1.1.1.1 distribute-list "" out
access-list 10 deny host 12.12.12.12
access-list 10 permit any
clear ip bpg *
clear ip route
int loopback 1
ip address 1.1.1.1 255.255.255.255
Solved! Go to Solution.
04-23-2009 11:17 AM
Eric
Just tested this with dynamips and it works fine for me, so as long as you have an exact matching route ie. 12.12.12.12 then it should work fine.
Jon
04-23-2009 11:11 AM
Eric
Where is 12.12.12.12/32 coming from? Is it a connected interface?
Also I am puzzled at parts of your config. You configure your BGP with a neighbor of 1.1.1.1, but it appears that 1.1.1.1 is a loopback interface on your router. Can you clarify what is going on?
HTH
Rick
04-23-2009 11:16 AM
Sorry guys about the incomplete config and 12.12.12.12 is Dialer interface that's setup for DSL.
04-23-2009 11:19 AM
router bgp 200
no synchronization
bgp log-neighbor-changes
network 10.2.20.0 mask 255.255.255.0
redistribute connected
neighbor 1.1.1.1 remote-as 65000
neighbor 1.1.1.1 route-map SETMED out
distribute-list 10 out
access-list 10 deny host 12.12.12.12
access-list 10 permit any
clear ip bpg *
clear ip route
int loopback 1
ip address 10.10.10.10 255.255.255.255
int di0
ip address 12.12.12.12 255.255.255.255
here is the complete config. and i"ve tried clear ip bgp *
04-23-2009 11:23 AM
Eric,
You should definitely use "neighbor 1.1.1.1 distribute-list 10 out".
Regards
07-19-2019 03:36 AM
Hi Harold, this works.
But I have the same problem, it seems like the distribute doesn't work if I don't put it on specific neighbour. Do you have any idea about that?
Thanks.
04-23-2009 11:27 AM
Okay try this
access-list 10 deny 12.12.12.12
access-list 10 permit any
route-map FILTER permit 10
match ip address 2
router bgp 200
redistribute connected route-map FILTER
and remove
distribute-list 10 out from bgp config. Then as Harold says "clear ip bgp 1.1.1.1 soft out"
Jon
04-23-2009 11:12 AM
Eric,
Did you try "neighbor 1.1.1.1 distribute-list 10 out", followed by a "clear ip bgp 1.1.1.1 soft out". That should definitely work for you.
Regards
04-23-2009 11:17 AM
Eric
Just tested this with dynamips and it works fine for me, so as long as you have an exact matching route ie. 12.12.12.12 then it should work fine.
Jon
04-23-2009 11:28 AM
Hmmm. Well I'm specifying the host address int the acl and distribute list. I know that with BGP the routes have to be exact match in order to be in the bgp routing table. Does this apply for the distribute list also?
thx
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide