03-29-2018 10:52 AM - edited 03-05-2019 10:11 AM
HELLLLLLP!!!
I am trying to filter advertised and received routes over a BGP connection to AWS and not having any success. I want to only allow 10.7.6.1 to send its network to 10.7.6.2, and I only want to receive 10.60.0.0/16 from 10.7.6.2.
So here’s the lowdown…
I have a BGP connection established between 10.7.6.1 (RQ side) and 10.7.6.2 (AWS side).
I want to only advertise 10.7.6.0/30 to 10.7.6.2.
I want to only receive 10.60.0.0/16 from 10.7.6.2.
neighbor 10.7.6.2 activate
neighbor 10.7.6.2 soft-reconfiguration inbound
neighbor 10.7.6.2 route-map awsin in
neighbor 10.7.6.2 route-map aws out
I am in the process of removing all the permit statements except 10.7.6.0/30 to see if that works going outbound.
ip prefix-list aws seq 5 permit 10.7.0.0/20
ip prefix-list aws seq 6 permit 10.7.1.0/30
ip prefix-list aws seq 7 permit 10.7.2.0/30
ip prefix-list aws seq 8 permit 10.7.3.0/30
ip prefix-list aws seq 9 permit 10.7.4.0/30
ip prefix-list aws seq 10 permit 10.7.5.0/30
ip prefix-list aws seq 11 permit 10.7.6.0/30
ip prefix-list aws seq 12 permit 10.7.8.0/30
ip prefix-list aws seq 13 permit 10.7.9.0/30
route-map aws permit 10
 description aws
 match ip address prefix-list aws
I am going to remove the deny statement and see if that does anything…
ip prefix-list awsin seq 5 permit 10.60.0.0/24
ip prefix-list awsin seq 10 deny 10.0.0.0/8
route-map awsin permit 10
 description awsin
 match ip address prefix-list awsin
Neighbor        V    AS  MsgRcvd MsgSent   TblVer InQ OutQ Up/Down  State/PfxRcd
10.7.1.2        4 65000       71      76 49077013   0    0 00:32:38            8
10.7.2.2        4 65000       70      76 49077013   0    0 00:32:38            8
10.7.3.2        4 65000       70      76 49077013   0    0 00:32:38            8
10.7.4.2        4 65000       70      75 49077013   0    0 00:32:38            8
10.7.5.2        4 65000       70      76 49077013   0    0 00:32:38            8
10.7.6.2        4 65000       24      27 49077013   0    0 00:10:14            0
10.7.8.2        4 65000       70      75 49077013   0    0 00:32:38            8
10.7.9.2        4 65000       70      75 49077013   0    0 00:32:38            8
66.116.118.225  4 23005 18601512  316913 49077075   0    0 19w2d          684403
sh ip bgp neighbors 10.7.6.2 advertised-routes
BGP table version is 49077152, local router ID is
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.7.1.0/30      0.0.0.0                  0         32768 i
*> 10.7.2.0/30      0.0.0.0                  0         32768 i
*> 10.7.3.0/30      0.0.0.0                  0         32768 i
*> 10.7.4.0/30      0.0.0.0                  0         32768 i
*> 10.7.5.0/30      0.0.0.0                  0         32768 i
*> 10.7.6.0/30      0.0.0.0                  0         32768 i
*> 10.7.8.0/30      0.0.0.0                  0         32768 i
*> 10.7.9.0/30      0.0.0.0                  0         32768 i
Total number of prefixes 8
sh ip bgp neighbors 10.7.6.2 received-routes
BGP table version is 49077217, local router ID is
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
   Network          Next Hop            Metric LocPrf Weight Path
*  10.10.0.0/16     10.7.6.2                               0 65000 i
*  10.20.0.0/16     10.7.6.2                               0 65000 i
*  10.30.0.0/16     10.7.6.2                               0 65000 i
*  10.40.0.0/16     10.7.6.2                               0 65000 i
*  10.50.0.0/16     10.7.6.2                               0 65000 i
*  10.60.0.0/16     10.7.6.2                               0 65000 i
*  10.80.0.0/16     10.7.6.2                               0 65000 i
*  10.90.0.0/16     10.7.6.2                               0 65000 i
Total number of prefixes 8
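
Added example, not part of the original post: a small Python model of IOS prefix-list evaluation (entries checked in sequence order, first match wins, exact prefix length unless ge/le is given, implicit deny at the end), run over the prefix lists and the routes shown in the post's output. The ge/le handling goes beyond what the post uses, and `WANT_OUT` and `WANT_IN` are assumed single-entry lists built from the poster's stated goal.

```python
import ipaddress

def parse_prefix_list(lines):
    """Parse 'ip prefix-list NAME seq N permit|deny PREFIX [ge X] [le Y]'."""
    entries = []
    for line in lines:
        tok = line.split()
        seq, action, net = int(tok[4]), tok[5], ipaddress.ip_network(tok[6])
        opts = dict(zip(tok[7::2], map(int, tok[8::2])))
        ge, le = opts.get("ge"), opts.get("le")
        lo = ge if ge is not None else net.prefixlen
        # No ge/le: exact length only. ge alone: ge..32. le alone: len..le.
        hi = le if le is not None else (32 if ge is not None else net.prefixlen)
        entries.append((seq, action, net, lo, hi))
    return sorted(entries, key=lambda e: e[0])

def permits(entries, route):
    """First matching entry wins; no match means implicit deny."""
    route = ipaddress.ip_network(route)
    for _seq, action, net, lo, hi in entries:
        if route.subnet_of(net) and lo <= route.prefixlen <= hi:
            return action == "permit"
    return False

def filter_routes(prefix_list_lines, routes):
    # Models a route-map with one permit clause that matches the prefix-list,
    # as in the post, so the route-map verdict equals the prefix-list verdict.
    entries = parse_prefix_list(prefix_list_lines)
    return [r for r in routes if permits(entries, r)]

# Routes copied from the post's "advertised-routes" and "received-routes" output.
ADVERTISED = [f"10.7.{n}.0/30" for n in (1, 2, 3, 4, 5, 6, 8, 9)]
RECEIVED = [f"10.{n}.0.0/16" for n in (10, 20, 30, 40, 50, 60, 80, 90)]

# Prefix lists as posted.
AWS = ["ip prefix-list aws seq 5 permit 10.7.0.0/20"] + [
    f"ip prefix-list aws seq {6 + i} permit {p}" for i, p in enumerate(ADVERTISED)]
AWSIN = ["ip prefix-list awsin seq 5 permit 10.60.0.0/24",
         "ip prefix-list awsin seq 10 deny 10.0.0.0/8"]

# Assumption: single-entry lists built from the poster's stated goal.
WANT_OUT = ["ip prefix-list aws seq 11 permit 10.7.6.0/30"]
WANT_IN = ["ip prefix-list awsin seq 5 permit 10.60.0.0/16"]

if __name__ == "__main__":
    for name, pl, routes in (("aws as posted", AWS, ADVERTISED),
                             ("awsin as posted", AWSIN, RECEIVED),
                             ("aws, one entry", WANT_OUT, ADVERTISED),
                             ("awsin, /16 entry", WANT_IN, RECEIVED)):
        print(f"{name:18} -> {filter_routes(pl, routes)}")
```

In this model the posted `awsin` list permits none of the eight received /16 routes, which is consistent with the `State/PfxRcd` value of 0 shown for 10.7.6.2, and the posted `aws` list permits all eight advertised /30 routes.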