8-22 neighbor {ip-address | peer-group-name} prefix-list prefix-list-name out

Syntax Description:

  • ip-address: Neighbor's IP address.

  • peer-group-name: Name of the peer group. See section 8-19.

  • prefix-list-name: Name of the output IP prefix list.

Purpose: To filter outgoing route updates to a particular BGP neighbor based on the IP address and mask length. Only one prefix list can be used per neighbor. The operation of the output prefix list is identical for both IBGP and EBGP neighbors. Using a prefix list is an alternative to using an extended IP access list and a distribution list.

Cisco IOS Software Release: 12.0

Configuration Example 1: Allow an Aggregate Route While Blocking the More-Specific Routes

In Figure 8-21, Router B is advertising four network prefixes and the aggregate of the prefixes to Router A. Router B filters the route update to Router A in order to reject the more-specific routes. Loopbacks are used on Router B to simulate the advertised networks, as shown in the configuration.

Figure 8-21. Scenario for Using the neighbor prefix-list out Command

 Router A

 !
 interface Serial0
  ip address 10.1.1.1 255.255.255.252
 !
 !
 router bgp 1
  neighbor 10.1.1.2 remote-as 2

 Router B

 ip subnet-zero
 !
 interface Loopback0
  ip address 172.16.0.1 255.255.255.0
 !
 interface Loopback1
  ip address 172.16.1.1 255.255.255.0
 !
 interface Loopback2
  ip address 172.16.2.1 255.255.255.0
 !
 interface Loopback3
  ip address 172.16.3.1 255.255.255.0
 !
 interface Serial0
  ip address 10.1.1.2 255.255.255.252
  clockrate 64000
 !
 router bgp 2
  network 172.16.0.0 mask 255.255.255.0
  network 172.16.1.0 mask 255.255.255.0
  network 172.16.2.0 mask 255.255.255.0
  network 172.16.3.0 mask 255.255.255.0
  aggregate-address 172.16.0.0 255.255.252.0
  neighbor 10.1.1.1 remote-as 1

Before proceeding to the prefix list example, verify that Router A is receiving the routes from Router B:

 rtrA# show ip bgp
 BGP table version is 5, local router ID is 172.17.1.1
 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
 Origin codes: i - IGP, e - EGP, ? - incomplete

    Network          Next Hop            Metric LocPrf Weight Path
 *> 172.16.0.0/24    10.1.1.2                 0             0 2 i
 *> 172.16.0.0/22    10.1.1.2                               0 2 i
 *> 172.16.1.0/24    10.1.1.2                 0             0 2 i
 *> 172.16.2.0/24    10.1.1.2                 0             0 2 i
 *> 172.16.3.0/24    10.1.1.2                 0             0 2 i

Modify the BGP configuration on Router B to allow only the aggregate prefix 172.16.0.0/22:

 Router B

 router bgp 2
  neighbor 10.1.1.1 remote-as 1
  neighbor 10.1.1.1 prefix-list aggregate out
 !
 ip prefix-list aggregate seq 5 permit 172.16.0.0/22

The prefix list is similar to a route map. Prefix lists are named, and each statement in a prefix list has a sequence number. Elements in a prefix list are executed in numerical order, and processing stops when a match occurs. Before proceeding, we will discuss the commands available with an IP prefix list:

  ip prefix-list sequence-number   (default)
  no ip prefix-list sequence-number

The default form includes the sequence numbers in the configuration. Using the no form of this command excludes the sequence numbers. If we list our configuration on Router A, we see that the sequence numbers are included in the configuration. By default, the sequence numbers start at 5 and increment by 5:

  ip prefix-list aggregate seq 5 permit 172.16.0.0/22  

Using the no form produces this:

  ip prefix-list aggregate permit 172.16.0.0/22  

If the no form is used, the sequence numbers can be seen using the show ip prefix-list command:

 rtrA# show ip prefix-list
 ip prefix-list aggregate: 2 entries
    seq 5 permit 172.16.0.0/22

The general form of the command is:

 rtrA(config)# ip prefix-list ?
   WORD             Name of a prefix list
   sequence-number  Include/exclude sequence numbers in NVGEN

 rtrA(config)# ip prefix-list aggregate ?
   deny         Specify packets to reject
   description  Prefix-list specific description
   permit       Specify packets to forward
   seq          sequence number of an entry

The permit and deny statements are used to determine if a prefix is allowed or prevented when received from a neighbor. The description option is useful if you have many prefix lists. We can add a description to our configuration using this:

  ip prefix-list aggregate description filter specific routes of 172.16.0.0/22  

The seq (sequence number) option allows us to apply our own sequence number to each permit or deny statement. If it is not used, the default sequence numbers are applied.

After the permit or deny option comes the prefix/length entry:

 rtrB(config)# ip prefix-list aggregate permit ?
   A.B.C.D  IP prefix <network>/<length>, e.g., 35.0.0.0/8

For our example we used:

  ip prefix-list aggregate seq 5 permit 172.16.0.0/22  

This permits the aggregate advertisement to be sent to Router A. Finally, we can further specify a range for the number of bits to match in the prefix length by using the optional parameters greater than or equal to ( ge ) or less than or equal to ( le ):

 rtrA(config)# ip prefix-list aggregate permit 172.16.0.0/22 ?
   ge  Minimum prefix length to be matched
   le  Maximum prefix length to be matched
   <cr>

The possibilities are to match the following:

  • Less than or equal to a number of bits:

      ip prefix-list aggregate permit 172.16.0.0/22 le 23

  • Greater than or equal to a number of bits:

      ip prefix-list aggregate permit 172.16.0.0/22 ge 23

  • Greater than or equal to one value and less than or equal to another value:

      ip prefix-list aggregate permit 172.16.0.0/22 ge 23 le 24

The last form allows the more-specific routes and blocks the aggregate prefix.

Verification

The prefix list can be examined by using the show ip prefix-list or show ip prefix-list detail commands:

 rtrB# show ip prefix-list
 ip prefix-list aggregate: 1 entries
    seq 5 permit 172.16.0.0/22

 rtrB# sh ip prefix-list detail
 Prefix-list with the last deletion/insertion: aggregate
 ip prefix-list aggregate:
    count: 1, range entries: 0, sequences: 5 - 5, refcount: 3
    seq 5 permit 172.16.0.0/22 (hit count: 1, refcount: 1)

Finally, check the BGP routing table on Router A to ensure that the 172.16.0.0/22 prefix has been allowed and that the more-specific prefixes have been filtered:

 rtrA# show ip bgp
 BGP table version is 2, local router ID is 172.17.1.1
 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
 Origin codes: i - IGP, e - EGP, ? - incomplete

    Network          Next Hop            Metric LocPrf Weight Path
 *> 172.16.0.0/22    10.1.1.2                               0 2 i

Configuration Example 2: Allow the More-Specific Prefixes and Block the Aggregate

For this example, we will allow the more-specific prefixes and block the aggregate. The first method uses the following prefix list:

  ip prefix-list aggregate permit 172.16.0.0/24
  ip prefix-list aggregate permit 172.16.1.0/24
  ip prefix-list aggregate permit 172.16.2.0/24
  ip prefix-list aggregate permit 172.16.3.0/24

The following prefix list is a more compact form that achieves the same results:

  ip prefix-list aggregate permit 172.16.0.0/22 ge 23  

The BGP router configuration on Router B remains unchanged. Because there is an implicit deny any at the end of every prefix list, we will let this implicit statement block the aggregate.
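
The ge/le matching rules, first-match sequence processing and implicit deny described above, applied to the prefix lists from both configuration examples (an added example, not code from the handbook). It models prefix-list evaluation in Python against the five prefixes Router B advertises; the function names and the 172.16.0.128/25 check route are constructed for illustration. It also shows that "ge 23" with no le permits every length up to /32 inside the /22, which the four-entry list does not.

```python
import ipaddress

def parse_entry(line):
    """Parse 'ip prefix-list NAME [seq N] permit|deny A.B.C.D/len [ge N] [le N]'."""
    tok = line.split()
    if tok[:2] != ["ip", "prefix-list"] or len(tok) < 5:
        raise ValueError("not a prefix-list entry: " + line)
    i, seq = 3, None
    if tok[i] == "seq":
        seq, i = int(tok[i + 1]), i + 2
    action, net = tok[i], ipaddress.ip_network(tok[i + 1])
    if action not in ("permit", "deny"):
        raise ValueError("unsupported entry: " + line)
    opts = dict(zip(tok[i + 2::2], map(int, tok[i + 3::2])))
    ge, le = opts.get("ge"), opts.get("le")
    # No ge/le: exact length only. ge alone: ge..32. le alone: len..le.
    lo = ge if ge is not None else net.prefixlen
    hi = le if le is not None else (32 if ge is not None else net.prefixlen)
    if not net.prefixlen <= lo <= hi <= 32:
        raise ValueError("invalid ge/le range: " + line)
    return seq, action, net, lo, hi

def build(lines):  # entries without "seq" are numbered 5, 10, 15, ...
    entries, last = [], 0
    for line in lines:
        seq, action, net, lo, hi = parse_entry(line)
        last = last + 5 if seq is None else seq
        entries.append((last, action, net, lo, hi))
    return sorted(entries, key=lambda e: e[0])

def evaluate(entries, route):
    r = ipaddress.ip_network(route)
    for _seq, action, net, lo, hi in entries:  # first match wins
        if lo <= r.prefixlen <= hi and r.subnet_of(net):
            return action
    return "deny"  # implicit deny any at the end of every prefix list

def sent(lines, routes):
    entries = build(lines)
    return [r for r in routes if evaluate(entries, r) == "permit"]

ADVERTISED = ["172.16.0.0/24", "172.16.0.0/22", "172.16.1.0/24", "172.16.2.0/24", "172.16.3.0/24"]
EXAMPLE_1 = ["ip prefix-list aggregate seq 5 permit 172.16.0.0/22"]
EXAMPLE_2_LONG = ["ip prefix-list aggregate permit 172.16.%d.0/24" % n for n in range(4)]
EXAMPLE_2_SHORT = ["ip prefix-list aggregate permit 172.16.0.0/22 ge 23"]
RANGE_FORM = ["ip prefix-list aggregate permit 172.16.0.0/22 ge 23 le 24"]
LEAK_CHECK = "172.16.0.128/25"  # constructed route, not part of the page's scenario

if __name__ == "__main__":
    for name in ("EXAMPLE_1", "EXAMPLE_2_LONG", "EXAMPLE_2_SHORT", "RANGE_FORM"):
        print(name, sent(globals()[name], ADVERTISED + [LEAK_CHECK]))
```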

Verification

As in the previous example, check the BGP table on Router A to verify that only the more-specific prefixes of 172.16.0.0 are being allowed:

 rtrA# show ip bgp
 BGP table version is 5, local router ID is 172.17.1.1
 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
 Origin codes: i - IGP, e - EGP, ? - incomplete

    Network          Next Hop            Metric LocPrf Weight Path
 *> 172.16.0.0/24    10.1.1.2                 0             0 2 i
 *> 172.16.1.0/24    10.1.1.2                 0             0 2 i
 *> 172.16.2.0/24    10.1.1.2                 0             0 2 i
 *> 172.16.3.0/24    10.1.1.2                 0             0 2 i

Troubleshooting

  1. Verify that the BGP neighbors are in the Established state using the show ip bgp neighbors command.

    If the neighbor relationship is not in the Established state, see section 8-23.

  2. Check the syntax of your prefix list.

Cisco BGP-4 Command and Configuration Handbook
ISBN: 1587055732
EAN: 2147483647
Year: 2001
Pages: 300