< Free Open Study > |
8-26 neighbor { ip-address peer- group - name } route-map route-map-name outSyntax Description:
Purpose: A route map is an extremely powerful tool for route filtering and BGP attribute manipulation. Appendix C contains a complete discussion of route map logic. In this section, we will examine common uses of a route map for route filtering and BGP attribute manipulation. Cisco IOS Software Release: 10.0. Peer group support was added in Release 11.0. Configuration Example 1: Basic Route Filter Using an IP Standard Access ListThe configuration shown in Figure 8-26 will be used for each route map example in this section. Figure 8-26. Configuration Used to Demonstrate the Use of an Output Route Map
Router A router bgp 1 neighbor 10.1.1.2 remote-as 2 __________________________________________________________________________ Router B interface loopback 0 ip address 172.16.0.1 255.255.255.0 ! interface loopback 1 ip address 172.16.1.1 255.255.255.0 ! interface loopback 2 ip address 172.16.2.1 255.255.255.0 ! interface loopback 3 ip address 172.16.3.1 255.255.255.0 ! router bgp 2 neighbor 10.1.1.1 remote-as 1 network 172.16.0.0 mask 255.255.255.0 network 172.16.1.0 mask 255.255.255.0 network 172.16.2.0 mask 255.255.255.0 network 172.16.3.0 mask 255.255.255.0 Before looking at the first route map example, verify that Router A is receiving the four 172.16 prefixes from Router B: rtrA# show ip bgp BGP table version is 5, local router ID is 172.17.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 172.16.0.0/24 10.1.1.2 0 0 2 i *> 172.16.1.0/24 10.1.1.2 0 0 2 i *> 172.16.2.0/24 10.1.1.2 0 0 2 i *> 172.16.3.0/24 10.1.1.2 0 0 2 i We want to use an output route map on Router B to block network 172.16.1.0/24. We could use a neighbor distribute list (see section 8-7) or prefix list (see section 8-21) to accomplish this task, but because this section concerns route maps, we might as well use one. Configure the following route map on Router B: Router B router bgp 2 neighbor 10.1.1.1 remote-as 1 neighbor 10.1.1.1 route-map filter out ! access-list 1 deny 172.16.1.0 0.0.0.255 access-list 1 permit any ! route-map filter permit 10 match ip address 1 Whenever you change a policy with a neighbor, you need to restart the BGP session by using clear ip bgp * or clear ip bgp neighbor-address. For this example, use clear ip bgp 10.1.1.1 on Router B. Because we are either denying or permitting a route, we do not need any set commands in the route map. Each route or prefix advertised to Router A will be processed by the output route map with a name filter. The result of a route map is to either permit or deny an action. The action in this example is to permit routes to be advertised to a BGP neighbor. VerificationVerify that the prefix 172.16.1.0/24 has been filtered: rrtA# show ip bgp BGP table version is 22, local router ID is 172.17.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 172.16.0.0/24 10.1.1.2 0 0 2 i *> 172.16.2.0/24 10.1.1.2 0 0 2 i *> 172.16.3.0/24 10.1.1.2 0 0 2 i Configuration Example 2: Manipulate AS Path InformationA route map will be used on Router B to adjust the AS path information sent to Router A. Normally, Router B would append only its AS number to the updates sent to Router A. For this example, we will prepend an additional AS number to the routes. The route map required to accomplish this is shown in the following configuration: Router B router bgp 2 neighbor 10.1.1.1 remote-as 1 neighbor 10.1.1.1 route-map filter out ! route-map filter permit 10 set as-path prepend 6 VerificationVerify that the routes received by Router A have the AS number 6 prepended to the AS path information: rtrA# show ip bgp BGP table version is 17, local router ID is 192.16.2.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 172.16.0.0/24 10.1.1.2 0 0 2 6 i *> 172.16.1.0/24 10.1.1.2 0 0 2 6 i *> 172.16.2.0/24 10.1.1.2 0 0 2 6 i *> 172.16.3.0/24 10.1.1.2 0 0 2 6 i Configuration Example 3: Append AS Information to Selected RoutesIn the preceding example, the AS number 6 was prepended to all routes advertised by Router B. In this example, we want to prepend this AS number only to the route 172.16.2.0/24. This requires a match condition in the route map, as shown in the following configuration: Router B router bgp 2 neighbor 10.1.1.1 remote-as 1 neighbor 10.1.1.1 route-map filter out ! access-list 1 permit 172.16.2.0 0.0.0.255 ! route-map filter permit 10 match ip add 1 set as-path prepend 6 route-map filter permit 20 The route-map filter permit 20 statement is the default case. Without it, routes not matching access list 1 would be denied . VerificationVerify that the AS number 6 has been applied to only the 172.16.2.0/24 prefix: rtrA# show ip bgp BGP table version is 28, local router ID is 192.16.2.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 172.16.0.0/24 10.1.1.2 0 0 2 i *> 172.16.1.0/24 10.1.1.2 0 0 2 i *> 172.16.2.0/24 10.1.1.2 0 0 2 6 i *> 172.16.3.0/24 10.1.1.2 0 0 2 i Configuration Example 4: Modify the COMMUNITY AttributeThe COMMUNITY attribute can be used to group prefixes, and then policies can be applied to the community as a whole. In this example, we will set the community value for prefixes 172.16.0.0/24 through 172.16.3.0/24 to 1, 2, 3, and 4, respectively: router bgp 2 network 172.16.0.0 mask 255.255.255.0 network 172.16.1.0 mask 255.255.255.0 network 172.16.2.0 mask 255.255.255.0 network 172.16.3.0 mask 255.255.255.0 neighbor 10.1.1.1 send-community neighbor 10.1.1.1 route-map filter out ! access-list 1 permit 172.16.0.0 0.0.0.255 access-list 2 permit 172.16.1.0 0.0.0.255 access-list 3 permit 172.16.2.0 0.0.0.255 access-list 4 permit 172.16.3.0 0.0.0.255 ! route-map filter permit 10 match ip address 1 set community 1 ! route-map filter permit 20 match ip address 2 set community 2 ! route-map filter permit 30 match ip address 3 set community 3 ! route-map filter permit 40 match ip address 4 set community 4 ! route-map filter permit 50 Don't forget to use the neighbor send-community command. Without it, the community values we are setting will not be advertised. The last stanza in the route map is the default case. We will pass all routes unmodified that don't match the first four route map stanzas. VerificationVerify the new community settings on Router A: rtrA# show ip bgp community 1 BGP table version is 50, local router ID is 192.16.2.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 172.16.0.0/24 10.1.1.2 0 0 2 I rtrA# show ip bgp community 2 BGP table version is 50, local router ID is 192.16.2.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 172.16.1.0/24 10.1.1.2 0 0 2 I rtrA# show ip bgp community 3 BGP table version is 50, local router ID is 192.16.2.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 172.16.2.0/24 10.1.1.2 0 0 2 I rtrA# show ip bgp community 4 BGP table version is 50, local router ID is 192.16.2.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 172.16.3.0/24 10.1.1.2 0 0 2 I Troubleshooting
|
< Free Open Study > |