Prefix list + Route map + BGP

merryllem · ‎07-15-2008

Hi All,

I need understanding the lines below. For some reason the "ge" option in the prefix list is throwing me off. So far, I understand it as BGP will NOT advertise X.X.160.0 out. Is that correct?

PREFIX LIST

ip prefix-list OUT seq 5 permit X.X.160.0/20 ge 21

ROUTE MAP

route-map OUT deny 20

match ip address prefix-list OUT

!

route-map OUT permit 100

match as-path 2

BGP

Router bpp xxxx

neighbor x.x.x.x route-map OUT out

philiechang · ‎07-15-2008

Yes, that is correct. Basically GE means greater than, so GE 21 means anything that is greater than /21 will be denied such as /22, /23, etc. So this prefix-list blocks more specific routes to x.x.160.0/20

merryllem · ‎07-15-2008

Thanks for the reply. Ok I think I understand.. but a few more questions to help me understand better. Does this mean 1.1.168.0 - 1.1.167.254 will be advertised? See output below. (BGP line added)

BGP

router bgp xxxx

network 1.1.160.0 mask 255.255.240.0

PREFIX INFO

whatmask 1.1.160.0/20

------------------------------------------------

TCP/IP NETWORK INFORMATION

------------------------------------------------

IP Entered = ..................: 1.1.160.0

CIDR = ........................: /20

Netmask = .....................: 255.255.240.0

Netmask (hex) = ...............: 0xfffff000

Wildcard Bits = ...............: 0.0.15.255

------------------------------------------------

Network Address = .............: 1.1.160.0

Broadcast Address = ...........: 1.1.175.255

Usable IP Addresses = .........: 4094

First Usable IP Address = .....: 1.1.160.1

Last Usable IP Address = ......: 1.1.175.254

whatmask 1.1.160.0/21

------------------------------------------------

TCP/IP NETWORK INFORMATION

------------------------------------------------

IP Entered = ..................: 1.1.160.0

CIDR = ........................: /21

Netmask = .....................: 255.255.248.0

Netmask (hex) = ...............: 0xfffff800

Wildcard Bits = ...............: 0.0.7.255

------------------------------------------------

Network Address = .............: 1.1.160.0

Broadcast Address = ...........: 1.1.167.255

Usable IP Addresses = .........: 2046

First Usable IP Address = .....: 1.1.160.1

Last Usable IP Address = ......: 1.1.167.254

Giuseppe Larosa · ‎07-16-2008

Hello Merrylle,

prefix 1.1.160.0/21 will match the prefix-list.

May you post also the as-path access-list 2, what is permitted by this as-path filter ?

The only warning is that if prefix 1.1.160.0/21 matches as-path access-list 2 it could be advertised by the second route-map block.

All prefixes that don't match the second block will be denied (implicit deny at the end of the route-map, in some applications a last block with only permit is needed to avoid this)

Hope to help

Giuseppe

Giuseppe Larosa · ‎07-15-2008

Hello Merrylle,

the prefix-list has the following meaning:

all IP prefixes that are contained in x.x.160.0/20 and have a prefix len Greater Equal of 21 will be permitted

Then the prefix-list is used under first route-map block with deny so those IP prefixes permitted by the prefix-list will be actually filtered

All prefixes matching the as path access-list 2 and not matching the prefix-list OUT will be advertised to the neighbor x.x.x.x

Hope to help

Giuseppe