Solved: Re: Daniel,

daniel.tanch · ‎04-04-2016

Hi,

What are the different between these?

distribute-list                  Filter updates to/from this neighbor
filter-list                          Establish BGP filters
prefix-list                        Filter updates to/from this neighbor

Under what situation to use either one of these?

Peter Paluch · ‎04-04-2016

Daniel,

The

distribute-list and prefix-list

perform route filtering based on IP network addresses and netmasks of routes being advertised. The

distribute-list

refers to an ACL to match the individual networks and netmasks, while

prefix-list

refers to a prefix list to do this matching. In fact, the use of

distribute-list and prefix-list

for a particular BGP neighbor in a particular direction (in or out) is mutually exclusive, because they both accomplish the very same goal, just using a different route selection/filtering mechanism (an ACL vs. a prefix list). It is generally better to use prefix lists instead of ACLs - they are much more cleaner and more comprehensible, optimized to match networks/netmasks and subnets thereof.

The

filter-list

performs route filtering based on the contents of the AS_PATH attribute - the sequence and values of atonomous system numbers. To do this, you would configure an as-path ACL that contains one or more regular expressions matching the particular sequence of ASNs in the AS_PATH attribute, and apply it to a neighbor and a particular direction with the

filter-list command. With a filter-list

, you do not perform route matching/filtering based on IP addresses and netmasks.

You might also be interested in reading the follow BGP FAQ entry:

http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/5816-bgpfaq-5816.html#one

Please feel welcome to ask further!

Best regards,
Peter

View solution in original post

Peter Paluch · ‎04-04-2016

Daniel,

The

distribute-list and prefix-list

perform route filtering based on IP network addresses and netmasks of routes being advertised. The

distribute-list

refers to an ACL to match the individual networks and netmasks, while

prefix-list

refers to a prefix list to do this matching. In fact, the use of

distribute-list and prefix-list

for a particular BGP neighbor in a particular direction (in or out) is mutually exclusive, because they both accomplish the very same goal, just using a different route selection/filtering mechanism (an ACL vs. a prefix list). It is generally better to use prefix lists instead of ACLs - they are much more cleaner and more comprehensible, optimized to match networks/netmasks and subnets thereof.

The

filter-list

performs route filtering based on the contents of the AS_PATH attribute - the sequence and values of atonomous system numbers. To do this, you would configure an as-path ACL that contains one or more regular expressions matching the particular sequence of ASNs in the AS_PATH attribute, and apply it to a neighbor and a particular direction with the

filter-list command. With a filter-list

, you do not perform route matching/filtering based on IP addresses and netmasks.

You might also be interested in reading the follow BGP FAQ entry:

http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/5816-bgpfaq-5816.html#one

Please feel welcome to ask further!

Best regards,
Peter

Javier Teliz · ‎08-28-2018

Very helpfully your explanation, Thanks Daniel!

sivam siva · ‎12-27-2019

Hi @Peter Paluch

What if I configured Distribute-list, route-map, filter-list, prefix-list what is the preference order of BGP?

for Ex:

neighbor 2.2.2.2 prefix-list XXXX out

neighbor 2.2.2.2 distribute-list 101 out

neighbor 2.2.2.2 route-map XXXX  out

neighbor 2.2.2.2 filter-list XXXX out

Thanks

Siva

LuciasDA · ‎02-08-2021

For outbound updates the order of preference is:

*prefix-list, distribute-list
*filter-list
*route-map

BGP distribute-list vs filter-list vs prefix-list