Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4698
Views
5
Helpful
2
Replies

BGP order for prefix-lists AND route-maps

Go to solution
steven.crutchley
Level 1
Level 1

‎01-13-2016 07:50 AM - edited ‎03-05-2019 03:06 AM

General question about BGP.

Taking this config:

neighbor 1.1.1.1 prefix-list MY_PREFIX_LIST in
neighbor 1.1.1.1 route-map MY_ROUTE_MAP in

route-map MY_ROUTE_MAP permit 10
 set local-pref 110

ip prefix-list MY_PREFIX_LIST seq 5 deny 2.2.2.2/32
ip prefix-list MY_PREFIX_LIST seq 10 permit 0.0.0.0/0 le 32

If 1.1.1.1 advertises the 2.2.2.2 prefix, it will be permitted (and local pref set to 110) because inbound route-maps are processed first (and of course the lack of a match statement indicates match-all). Correct?

Or am I misunderstanding this page?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎01-13-2016 08:02 AM

Hi Steven,

The BGP FAQ document you're referencing should be the authoritative guide. So for inbound routes, first the route-map, then the prefix-list are evaluated - that's correct. But my understanding is different: The route-map is the first filter, and whatever remains after passing through the route-map is additionally subjected to the prefix-list. A route will be accepted only if it is permitted both by the route-map and the prefix-list - it has to pass both.

So in this logic, the 2.2.2.2/32 should not be accepted because even though it has made it through the route-map, the prefix-list drops it explicitly.

Would that match your observations?

Best regards,
Peter

View solution in original post

2 Replies 2

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎01-13-2016 08:02 AM

Hi Steven,

The BGP FAQ document you're referencing should be the authoritative guide. So for inbound routes, first the route-map, then the prefix-list are evaluated - that's correct. But my understanding is different: The route-map is the first filter, and whatever remains after passing through the route-map is additionally subjected to the prefix-list. A route will be accepted only if it is permitted both by the route-map and the prefix-list - it has to pass both.

So in this logic, the 2.2.2.2/32 should not be accepted because even though it has made it through the route-map, the prefix-list drops it explicitly.

Would that match your observations?

Best regards,
Peter

Go to solution
steven.crutchley
Level 1
Level 1
In response to Peter Paluch

‎01-29-2016 04:10 AM

Hi Peter,

Thanks for that. I just labbed this up and confirmed that the behavior is exactly as you've described.

Cheers,

Steve

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card