cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1660
Views
4
Helpful
4
Replies
Highlighted
Explorer

BGP filtering "best practice"

Hi Guys,

We are setting up a new peering session with a provider for pppoe services - They will be advertising there LAC's to us, and have suggested we do the following:

- Only Accept a /32 advertised prefix

- Only accept a maximum of 500 prefixes

- Only accept prefixes that we Originate (our AS in the AS PATH only)

After some best-practice advice on how to do this, any suggestions/comments on the following filters would be greatly appreciated:

- Only Accept a /32 advertised prefix:

ip prefix-list BGP_TEST seq 5 permit 0.0.0.0/0 le 1

- Only accept a maximum of 500 prefixes

neighbor x.x.x.x maximum-prefix 500

- Only accept prefixes that we Originate (our AS in the AS PATH only) - This would only allow routes that originated in AS100

ip as-path access-list 1 permit ^100$

Cheers.

4 REPLIES 4
Highlighted

your conifg looks ok except the prefix list that match hosts route /32

where you need to set as:

ip prefix-list BGP_TEST seq 5 permit 0.0.0.0/0 ge 32


The ge means greater than or equal to.  in this case ge 32 means greater than or equal to 32

hope this help

if helpful rate

Highlighted

Thanks for the quick response!

And thanks for the correction.

Highlighted
Advocate

Hi,

does "

- Only accept prefixes that we Originate (our AS in the AS PATH only) - This would only allow routes that originated in AS100"

mean your AS number is 100 and you should advertise only prefixes originated in your AS?

In that case you should use

ip as-path access-list 1 permit ^$

in your outbound route-map.

As your AS number is added to the AS-PATH automatically after the outbound filtering is applied.

HTH,

Milan

Highlighted

Hi Milan - no, we are only wanting to accept AS100 advertisements from carrier.

Thanks