8-26 neighbor ip-address peer-group-name route-map route-map-name out

8-26 neighbor { ip-address peer- group - name } route-map route-map-name out

Syntax Description:

• ip-address Neighbor's IP address.

• peer-group-name Name of the peer group. See section 8-19.

• route-map-name Name of the route map used for outgoing updates to a specified neighbor or peer group.

Purpose: A route map is an extremely powerful tool for route filtering and BGP attribute manipulation. Appendix C contains a complete discussion of route map logic. In this section, we will examine common uses of a route map for route filtering and BGP attribute manipulation.

Cisco IOS Software Release: 10.0. Peer group support was added in Release 11.0.

Configuration Example 1: Basic Route Filter Using an IP Standard Access List

The configuration shown in Figure 8-26 will be used for each route map example in this section.

 Router A  router bgp 1   neighbor 10.1.1.2 remote-as 2   __________________________________________________________________________  Router B  interface loopback 0   ip address 172.16.0.1 255.255.255.0   !   interface loopback 1   ip address 172.16.1.1 255.255.255.0   !   interface loopback 2   ip address 172.16.2.1 255.255.255.0   !   interface loopback 3   ip address 172.16.3.1 255.255.255.0   !   router bgp 2   neighbor 10.1.1.1 remote-as 1   network 172.16.0.0 mask 255.255.255.0   network 172.16.1.0 mask 255.255.255.0   network 172.16.2.0 mask 255.255.255.0   network 172.16.3.0 mask 255.255.255.0  

Before looking at the first route map example, verify that Router A is receiving the four 172.16 prefixes from Router B:

 rtrA#  show ip bgp  BGP table version is 5, local router ID is 172.17.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete    Network          Next Hop            Metric LocPrf Weight Path *> 172.16.0.0/24    10.1.1.2                 0             0 2 i *> 172.16.1.0/24    10.1.1.2                 0             0 2 i *> 172.16.2.0/24    10.1.1.2                 0             0 2 i *> 172.16.3.0/24    10.1.1.2                 0             0 2 i 

We want to use an output route map on Router B to block network 172.16.1.0/24. We could use a neighbor distribute list (see section 8-7) or prefix list (see section 8-21) to accomplish this task, but because this section concerns route maps, we might as well use one. Configure the following route map on Router B:

 Router B  router bgp 2   neighbor 10.1.1.1 remote-as 1    neighbor 10.1.1.1 route-map filter out    !    access-list 1 deny 172.16.1.0 0.0.0.255     access-list 1 permit any    !    route-map filter permit 10     match ip address 1   

Whenever you change a policy with a neighbor, you need to restart the BGP session by using clear ip bgp * or clear ip bgp neighbor-address. For this example, use clear ip bgp 10.1.1.1 on Router B.

Because we are either denying or permitting a route, we do not need any set commands in the route map. Each route or prefix advertised to Router A will be processed by the output route map with a name filter. The result of a route map is to either permit or deny an action. The action in this example is to permit routes to be advertised to a BGP neighbor.

Verification

Verify that the prefix 172.16.1.0/24 has been filtered:

 rrtA#  show ip bgp  BGP table version is 22, local router ID is 172.17.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete    Network          Next Hop            Metric LocPrf Weight Path *> 172.16.0.0/24    10.1.1.2                 0             0 2 i *> 172.16.2.0/24    10.1.1.2                 0             0 2 i *> 172.16.3.0/24    10.1.1.2                 0             0 2 i 

Configuration Example 2: Manipulate AS Path Information

A route map will be used on Router B to adjust the AS path information sent to Router A. Normally, Router B would append only its AS number to the updates sent to Router A. For this example, we will prepend an additional AS number to the routes. The route map required to accomplish this is shown in the following configuration:

 Router B  router bgp 2   neighbor 10.1.1.1 remote-as 1    neighbor 10.1.1.1 route-map filter out    !    route-map filter permit 10     set as-path prepend 6   

Verification

Verify that the routes received by Router A have the AS number 6 prepended to the AS path information:

 rtrA#  show ip bgp  BGP table version is 17, local router ID is 192.16.2.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete    Network          Next Hop            Metric LocPrf Weight Path *> 172.16.0.0/24    10.1.1.2                 0             0 2 6 i *> 172.16.1.0/24    10.1.1.2                 0             0 2 6 i *> 172.16.2.0/24    10.1.1.2                 0             0 2 6 i *> 172.16.3.0/24    10.1.1.2                 0             0 2 6 i 

Configuration Example 3: Append AS Information to Selected Routes

In the preceding example, the AS number 6 was prepended to all routes advertised by Router B. In this example, we want to prepend this AS number only to the route 172.16.2.0/24. This requires a match condition in the route map, as shown in the following configuration:

 Router B  router bgp 2   neighbor 10.1.1.1 remote-as 1    neighbor 10.1.1.1 route-map filter out    !   access-list 1 permit 172.16.2.0 0.0.0.255   !    route-map filter permit 10     match ip add 1     set as-path prepend 6     route-map filter permit 20   

The route-map filter permit 20 statement is the default case. Without it, routes not matching access list 1 would be denied .

Verification

Verify that the AS number 6 has been applied to only the 172.16.2.0/24 prefix:

 rtrA#  show ip bgp  BGP table version is 28, local router ID is 192.16.2.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete    Network          Next Hop            Metric LocPrf Weight Path *> 172.16.0.0/24    10.1.1.2                 0             0 2 i *> 172.16.1.0/24    10.1.1.2                 0             0 2 i  *> 172.16.2.0/24    10.1.1.2                 0             0 2 6 i  *> 172.16.3.0/24    10.1.1.2                 0             0 2 i 

Configuration Example 4: Modify the COMMUNITY Attribute

The COMMUNITY attribute can be used to group prefixes, and then policies can be applied to the community as a whole. In this example, we will set the community value for prefixes 172.16.0.0/24 through 172.16.3.0/24 to 1, 2, 3, and 4, respectively:

  router bgp 2   network 172.16.0.0 mask 255.255.255.0   network 172.16.1.0 mask 255.255.255.0   network 172.16.2.0 mask 255.255.255.0   network 172.16.3.0 mask 255.255.255.0    neighbor 10.1.1.1 send-community    neighbor 10.1.1.1 route-map filter out   !   access-list 1 permit 172.16.0.0 0.0.0.255   access-list 2 permit 172.16.1.0 0.0.0.255   access-list 3 permit 172.16.2.0 0.0.0.255   access-list 4 permit 172.16.3.0 0.0.0.255   !   route-map filter permit 10   match ip address 1   set community 1   !   route-map filter permit 20   match ip address 2   set community 2   !   route-map filter permit 30   match ip address 3   set community 3   !   route-map filter permit 40   match ip address 4   set community 4   !   route-map filter permit 50  

Don't forget to use the neighbor send-community command. Without it, the community values we are setting will not be advertised. The last stanza in the route map is the default case. We will pass all routes unmodified that don't match the first four route map stanzas.

Verification

Verify the new community settings on Router A:

 rtrA#  show ip bgp community 1  BGP table version is 50, local router ID is 192.16.2.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete    Network          Next Hop            Metric LocPrf Weight Path *> 172.16.0.0/24    10.1.1.2                 0             0 2 I rtrA#  show ip bgp community 2  BGP table version is 50, local router ID is 192.16.2.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete    Network          Next Hop            Metric LocPrf Weight Path *> 172.16.1.0/24    10.1.1.2                 0             0 2 I rtrA#  show ip bgp community 3  BGP table version is 50, local router ID is 192.16.2.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete    Network          Next Hop            Metric LocPrf Weight Path *> 172.16.2.0/24    10.1.1.2                 0             0 2 I rtrA#  show ip bgp community 4  BGP table version is 50, local router ID is 192.16.2.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete    Network          Next Hop            Metric LocPrf Weight Path *> 172.16.3.0/24    10.1.1.2                 0             0 2 I 

Troubleshooting

1. Verify that the BGP neighbors are in the Established state using the show ip bgp neighbors command.

   If the neighbor relationship is not in the Established state, see section 8-23.

2. Verify that the input route map is being used with the BGP neighbor using the show ip bgp neighbors command:

    rtrB#  show ip bgp n  BGP neighbor is 10.1.1.1,  remote AS 1, external link  Index 1, Offset 0, Mask 0x2   Community attribute sent to this neighbor   BGP version 4, remote router ID 192.16.2.1   BGP state = Established, table version = 6, up for 00:04:28   Last read 00:00:27, hold time is 180, keepalive interval is 60 seconds   Minimum time between advertisement runs is 30 seconds   Received 19132 messages, 3 notifications, 0 in queue   Sent 19248 messages, 0 notifications, 0 in queue   Prefix advertised 231, suppressed 0, withdrawn 2  Outbound path policy configured   Route map for outgoing advertisements is filter  Connections established 49; dropped 48   Last reset 00:04:58, due to User reset   0 accepted prefixes consume 0 bytes   0 history paths consume 0 bytes Connection state is ESTAB, I/O status: 1, unread input bytes: 0 Local host: 10.1.1.2, Local port: 11068 Foreign host: 10.1.1.1, Foreign port: 179 

3. Verify that the correct neighbor address is being used with the neighbor ip-address route-map route-map-name in command.

4. Verify that you are using the correct route map name.

5. Verify the logic of your route map (see Appendix C).

6. You can view the route map using the command show route-map route-map-name:

    rtrB#  show route-map filter  route-map filter, permit, sequence 10   Match clauses:     ip address (access-lists): 1   Set clauses:     community 1   Policy routing matches: 0 packets, 0 bytes route-map filter, permit, sequence 20   Match clauses:     ip address (access-lists): 2   Set clauses:     community 2   Policy routing matches: 0 packets, 0 bytes route-map filter, permit, sequence 30   Match clauses:     ip address (access-lists): 3   Set clauses:     community 3   Policy routing matches: 0 packets, 0 bytes route-map filter, permit, sequence 40   Match clauses:     ip address (access-lists): 4   Set clauses:     community 4   Policy routing matches: 0 packets, 0 bytes route-map filtert, permit, sequence 50   Match clauses:   Set clauses:   Policy routing matches: 0 packets, 0 bytes