12-30-2016 06:47 PM - edited 03-05-2019 07:45 AM
Hi As we know, bgp route-policy controls if routes can be forwarded. Here are example:
If route 10.1.0.0/16 is permitted to pass in route-policy, the route can be forwarded to pass. If route is10.1.0.0/24 under the same route-policy, can it be forwarded to pass?
It looks like there is difference with ACL for traffic in interface
Thank you
Solved! Go to Solution.
12-31-2016 12:14 AM
Hello,
whatever is matched in the route policy needs to be in the routing table. If 10.1.0.0/16 is in the routing table, it will match (and pass). If only 10.1.0.0/16 is in the routing table, and you try to match 10.1.0.0/24, it will be dropped (due to the implicit drop/deny at the end of any route map).
Is this what you are asking ?
01-01-2017 01:39 AM
Hello,
exactly. If you allow e.g. 10.0.0.0/8 to pass, everything 'below' would pass as well, such as 10.1.0.0/16, or 10.1.1.0/24. With BGP route maps, you need exact matches.
12-31-2016 12:14 AM
Hello,
whatever is matched in the route policy needs to be in the routing table. If 10.1.0.0/16 is in the routing table, it will match (and pass). If only 10.1.0.0/16 is in the routing table, and you try to match 10.1.0.0/24, it will be dropped (due to the implicit drop/deny at the end of any route map).
Is this what you are asking ?
12-31-2016 04:23 PM
Thank you so much for your reply. Yes you are right.
It's opposite to ACL in interface, It can permit all traffic under the prefix to pass, right?
01-01-2017 01:39 AM
Hello,
exactly. If you allow e.g. 10.0.0.0/8 to pass, everything 'below' would pass as well, such as 10.1.0.0/16, or 10.1.1.0/24. With BGP route maps, you need exact matches.
01-01-2017 12:12 PM
Thank you!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide