09-17-2018 01:00 PM
I am receiving routes via BGP from a cloud provider. The provider is sending overlapping routes. For example, 10.0.0.0/8 and 10.1.0.0/16. I would like to filter the component route as it's learned from the cloud provider. So in my example, keep the 10.0.0.0/8 route and drop the 10.1.0.0/16 route.
The problem is that I don't know the prefixes that will be advertised. For example, today it is 10.0.0.0/8 and 10.1.0.0/16. Tomorrow they may add 11.0.0.0/8 and 11.1.0.0/16 without my awareness. Therefore I can't create route-maps/prefix-lists that match on specific prefix values.
Is there a way to drop component routes if a less specific summary is also learned - regardless of the actual prefix values?
(I understand the undesirable ramifications of learning unknown routes from a cloud provider. I've also made the IP addressing examples simpler than my real-world need.)
09-17-2018 02:47 PM - edited 09-17-2018 02:48 PM
Hello,
what you could do is drop ANYTHING with e.g. a higher than /8 netmask, as in the example below:
router bgp 1
 bgp router-id 1.1.1.1
 bgp log-neighbor-changes
 neighbor 192.168.1.2 remote-as 2
 neighbor 192.168.1.2 route-map SUPERNET_MAP in
!
ip prefix-list SUPERNET_PREFIX seq 5 permit 0.0.0.0/0 le 8
!
route-map SUPERNET_MAP permit 10
 match ip address prefix-list SUPERNET_PREFIX
This would allow 10.0.0.0/8, 11.0.0.0/8 etc. but not 10.0.0.0/9 or higher and so on...
09-17-2018 04:59 PM
09-18-2018 01:21 AM - edited 09-18-2018 01:22 AM
Hello
Just like to add to Joseph's comments:
You could possibly look into using an elegant kind of route filtering in line with your ISP, in a way that not only results in you not receiving certain prefixes but also saves router resources.
These prefixes won't even be sent to your router in the first place, unlike normal route filtering, in which the prefixes are received by your router and then filtering takes place, thus still taking up unnecessary resources.
This kind of route filtering is called Outbound Route Filtering (ORF), but as I have stated, you need to work with your ISP to see if this is indeed applicable.
Example ORF:
Your router:
ip prefix-list ORF deny 10.0.0.0/16
ip prefix-list ORF permit 0.0.0.0/0 le 32
router bgp x
 neighbor (ISP) prefix-list ORF in
 neighbor (ISP) capability orf prefix-list send
ISP:
router bgp x
 neighbor (your rtr) capability orf prefix-list receive
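Added example (not part of the thread, and not code from any poster): an offline audit of the question's case, listing which received IPv4 prefixes are components of a less-specific route that was also received, and rendering deny entries for them. The function names, the DROP_COMPONENTS list name and the sample prefixes are assumptions made for illustration; the result is a snapshot that has to be regenerated whenever the provider's advertisements change.

```python
import ipaddress

# Constructed sample of prefixes learned from the provider (not real data).
RECEIVED = ["10.0.0.0/8", "10.1.0.0/16", "10.1.2.0/24",
            "11.0.0.0/8", "11.1.0.0/16", "172.16.5.0/24", "10.1.0.0/16"]

def split_components(prefixes, ignore_default=True):
    """Return (kept, dropped). kept: routes with no less-specific cover in
    the set. dropped: {component route: the kept summary that covers it}.
    With ignore_default, 0.0.0.0/0 is kept but never counts as a cover,
    otherwise a learned default route would swallow every other prefix."""
    nets = sorted({ipaddress.IPv4Network(p) for p in prefixes},
                  key=lambda n: (n.prefixlen, int(n.network_address)))
    kept, dropped = [], {}
    for net in nets:
        # Shortest masks are processed first, so any cover is already in kept.
        cover = next((k for k in kept
                      if (k.prefixlen or not ignore_default)
                      and net.subnet_of(k)), None)
        if cover is None:
            kept.append(net)
        else:
            dropped[net] = cover
    return kept, dropped

def deny_lines(dropped, name="DROP_COMPONENTS"):
    """Render IOS prefix-list lines: deny each component, permit the rest."""
    lines = [f"ip prefix-list {name} seq {5 * i} deny {net}"
             for i, net in enumerate(dropped, start=1)]
    lines.append(f"ip prefix-list {name} seq {5 * (len(lines) + 1)} "
                 "permit 0.0.0.0/0 le 32")
    return lines

if __name__ == "__main__":
    kept, dropped = split_components(RECEIVED)
    for net, cover in dropped.items():
        print(f"{net} is covered by {cover}")
    print("\n".join(deny_lines(dropped)))
```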