• Update filtering works on a per-peer basis.
    • ‘neighbor <address> distribute-list [standard/extended acl]’
    • ‘neighbor <address> filter-list [as-path-acl]’
    • ‘neighbor <address> prefix-list [prefix-list name]’
    • ‘neighbor <address> route-map’
      • Using route maps avoids order of operations issues.
  • Regular Expressions
    • Used for the following:
      • Show command outputs
      • TCL/EEM scripting
      • BGP AS-Path access-lists
      • BGP Expanded Community lists
    • Info can be found in
      • IOS Terminal Services Configuration Guide
        • Appendixes
          • Regular expressions

Regex AS-Path access-list example

In the image below R1 and R4 are in ASN 200, and R3 and R2 are in ASN 100.

R4 and R1 originate two routes into BGP, 4.4.4.0/24 and 1.1.1.0/24. The regular expression ‘^$’ matches an empty AS path, so with BGP it shows only routes that originate from the local ASN. Used in an AS-path access-list applied as a filter list, it advertises only the locally originated routes, instead of passing routes learned from external ASNs on to additional ASNs.

In IOS the command ‘show ip bgp regex ^$’ can be used to show only the locally originated routes being advertised.

To create an ACL to filter down in BGP, the following can be completed.

Applying ‘filter-list’ to the neighbor statement then advertises only locally originated prefixes, as matched by the regex ‘^$’.
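The matching logic described above, modeled in Python as an added example (not configuration or output from the original post). The table contents other than 1.1.1.0/24 and 4.4.4.0/24, the AS paths shown, and all function and class names are constructed for illustration; it also goes slightly beyond ‘^$’ by handling the IOS ‘_’ delimiter.

```python
import re

# IOS "_" matches a delimiter: start or end of the AS path, a space, a comma,
# braces or parentheses. Everything else is passed through as ordinary regex.
IOS_DELIM = r"(?:^|$|[ ,{}()])"

def ios_to_python(pattern):
    return pattern.replace("_", IOS_DELIM)

class AsPathAcl:
    """Ordered permit/deny entries, first match wins, implicit deny at the end."""

    def __init__(self, entries):
        self.entries = [(action, re.compile(ios_to_python(rx)))
                        for action, rx in entries]

    def permits(self, as_path):
        for action, rx in self.entries:
            if rx.search(as_path):
                return action == "permit"
        return False  # nothing matched: implicit deny

def advertised(table, acl):
    """Prefixes an outbound filter-list using this ACL would let through."""
    return [prefix for prefix, as_path in table if acl.permits(as_path)]

# Constructed BGP table as seen on R1 (ASN 200). Routes originated inside the
# local AS, including 4.4.4.0/24 learned from R4 over iBGP, have an empty path.
R1_TABLE = [
    ("1.1.1.0/24", ""),            # originated on R1
    ("4.4.4.0/24", ""),            # originated on R4, same ASN
    ("2.2.2.0/24", "100"),         # constructed: learned from ASN 100
    ("3.3.3.0/24", "100"),         # constructed: learned from ASN 100
    ("10.9.0.0/16", "100 65010"),  # constructed: transits ASN 100
]

LOCAL_ONLY = AsPathAcl([("permit", "^$")])

if __name__ == "__main__":
    for prefix in advertised(R1_TABLE, LOCAL_ONLY):
        print("advertise", prefix)
    leaked = [p for p, path in R1_TABLE if not LOCAL_ONLY.permits(path)]
    print("suppressed (would make ASN 200 a transit):", leaked)
```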

BGP Max Prefix

  • BGP defaults to full view from all peers
  • Generally all prefixes should not get pushed upstream.
  • Can filter on number of prefixes
    • ‘neighbor maximum-prefix’
    • Result can be to log or to shut down the peer.

BGP Outbound Route Filtering

  • Traditionally what providers will advertise out.
    • Full Table
    • Default Only
    • Default plus local (partial)
  • Outbound Route Filtering
    • Customer signals upstream what type of routes they want.
    • Results in control being in the customer’s hands vs. the provider’s.
    • ‘neighbor ip-address capability orf prefix-list [send, receive, both]’

The ORF process can be configured with a prefix-list and then adding capability and prefix-list to a BGP neighbor statement. On R8 below we’re receiving all BGP routes from ASN 200 and 100 from R5. If we wanted to filter down to receiving one subnet from R5, 1.1.1.0/24, we specify that in the prefix list.

Now on R8’s BGP table, the local ASN prefixes and 1.1.1.0/24 are the only subnets available.

Soft Reconfiguration Inbound:

  • Saves unfiltered BGP routes received from peer in Adj-RIBs-In.
    • Adj-RIBs-In -> Loc-RIB -> Adj-RIBs-Out
    • Allows router to run ‘show ip bgp neighbor <neighbor> received-routes’
  • Takes up more memory because it’s saving another copy of inbound routes.
  • ‘neighbor <address> soft-reconfiguration inbound’
  • Makes troubleshooting easier.

Before:

Route Refresh Capability:

  • Negotiated capability with OPEN message
  • Can ask peer to send an update without having to hard clear session.
    • ‘clear bgp ipv4 unicast <neighbor> soft in’
    • ‘clear bgp ipv4 unicast <neighbor> in’
    • ‘clear bgp ipv4 unicast * in’
  • Does not consume memory like Soft Reconfiguration Inbound
