cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1689
Views
0
Helpful
11
Replies

BGP Restriction

divine007
Level 1
Level 1

     Hello All,

I have 2 links from thesame isp. So segments are divided between  the links and advertise using prefix-list for restriction

Now one of the link is having issues, so i decided to send all the traffic on the other link, but i realise that since there is no restriction the faulty link while the bgp is still up, all the segments inside the bgp session are advertise there because BGP is still up, now looking like there is a look, i thought of using advertise map at the level of the neighbor but recieve only a BGP default route from my upstream.

I cant shut BGP down because my neighbor ip addresss comes through BGP and my IPSEC GRE tunnels use this ip address

What else can i use in other to restrict this

Regards

11 Replies 11

Hi,

Match the default route with AS-Path access-list, it will work.

ip as-path access-list 2 permit ^$

ip prefix-list DEFROUTE seq 10 permit 0.0.0.0/0

route-map NON-EXISTTYP permit 10
  match ip address prefix-list DEFROUTE
  match as-path 2

HTH,

Smitesh

PS: Please rate helpful posts...

just to complete the solution suggested by smitesh ,

apply the route map NON-EXISTTYP in neighboor : neigboor <@IP> route-map NON-EXISTTYP in

If i use

ip prefix-list DEFROUTE seq 10 permit 0.0.0.0/0

Wont all the prefix be allowed through, i believe 0.0.0.0/0 means anything??

Regards

Hi,

It will match all, however since you want to have conditional advertisement, even in case your primary link goes down, you will receive default via your secondary link and Access-list will still match. Hence, match default route in conditional advertisement is not a good option; unless you are receiving two default set of IP prefixes from both ISPs.

HTH,

Smitesh

Hi,

IMHO,

ip prefix-list DEFROUTE seq 10 permit 0.0.0.0/0

matches only the deafult route.

If you want to match all prefixes, you would need to add

ip prefix-list DEFROUTE seq 10 permit 0.0.0.0/0 le 32

But generally , I'm missing your idea here: What do you want to achieve?

BR,

Milan

Hi Adnane,

I beg to differ here, since this scenario we are doing conditional route-advertisement, we will use advertise-map instead of route-map as you suggested.

HTH,

Smitesh

Am getting something, tell me now that i recieve only a default BGP route from my upstream provider inside my bgp table

How will this works, since i need this routes inside my bgp routing table

Regards

it's better to post schema architecture with more clarifications , that will help us to converge toward right way

Attached above the schema of my case.

Regards

For problem 1 : us I understand you don't want to take any route from link  , to do so just create a prefix list and apply it to incoming route in link 1

ip prefix-list myprefix deny 0.0.0.0/0

neighbor @IP prefix-list mypref in

and apply command : clear ip bgp * soft

compare th result of two commands : show ip bgp neighbors @IP received-routes and show ip bgp @IP routes , it show yuo if your filter is working .

for Problem 2 I send you my solution soon

divine007
Level 1
Level 1

Tell me, can i influence BGP returning traffic, when i receive only a B* route from my upstream provider?

Regards

Review Cisco Networking for a $25 gift card