Wednesday, 3 April 2013

OUTBOUND ROUTE FILTERING


This is a very cool feature because it saves bandwidth: router A tells router B that it does not need a set of routes, so B does not send them at all.
The default configs include the IP addresses and the BGP neighbor relationships.
r1
int s0/1
ip add 20.20.20.1 255.255.255.0
no shut
int  s0/0
ip add 10.10.10.1 255.255.255.0
no shut
int lo 1
ip add 1.1.1.1 255.255.255.0
no shut
exit
ip route 22.22.22.0 255.255.255.0 s0/0
router eigrp 1
network 20.20.20.0 0.0.0.255
network 1.1.1.1 0.0.0.0
no auto-summary
exit
router bgp 100
nei 22.22.22.22 remote-as 222
nei 22.22.22.22 update-source lo 1
nei 22.22.22.22 ebgp-multihop 2
nei 2.2.2.2 remote-as 100
nei 2.2.2.2 update-source lo 1
nei 2.2.2.2 next-hop-self
nei 3.3.3.3 remote-as 100
nei 3.3.3.3 update-source lo 1
nei 3.3.3.3 next-hop-self
bgp router-id 1.1.1.1
no synchronization


r2
int s0/1
ip add 20.20.20.2 255.255.255.0
no shut
int  s0/0
ip add 30.30.30.2 255.255.255.0
no shut
int s0/2
ip add 50.50.50.2 255.255.255.0
no shut
int lo 1
ip add 2.2.2.2 255.255.255.0
no shut
exit
ip route 11.11.11.0 255.255.255.0 s0/2
router eigrp 1
network 20.20.20.0 0.0.0.255
network 30.30.30.0 0.0.0.255
network 2.2.2.2 0.0.0.0
no auto-summary
exit
router bgp 100
nei 11.11.11.11 remote-as 111
nei 11.11.11.11 update-source lo 1
nei 11.11.11.11 ebgp-multihop 2
nei 1.1.1.1 remote-as 100
nei 1.1.1.1 update-source lo 1
nei 1.1.1.1 next-hop-self
nei 3.3.3.3 remote-as 100
nei 3.3.3.3 update-source lo 1
nei 3.3.3.3 next-hop-self
bgp router-id 2.2.2.2
no synchronization


r3
int s0/1
ip add 30.30.30.1 255.255.255.0
no shut
int  s0/0
ip add 40.40.40.1 255.255.255.0
no shut
int lo 1
ip add 3.3.3.3 255.255.255.0
no shut
exit
ip route 22.22.22.0 255.255.255.0 s0/0
router eigrp 1
network 30.30.30.0 0.0.0.255
network 3.3.3.3 0.0.0.0
no auto-summary
exit
router bgp 100
nei 22.22.22.22 remote-as 222
nei 22.22.22.22 update-source lo 1
nei 22.22.22.22 ebgp-multihop 2
nei 2.2.2.2 remote-as 100
nei 2.2.2.2 update-source lo 1
nei 2.2.2.2 next-hop-self
nei 1.1.1.1 remote-as 100
nei 1.1.1.1 update-source lo 1
nei 1.1.1.1 next-hop-self
bgp router-id 3.3.3.3
no synchronization



ISP2
int s0/1
ip add 10.10.10.2 255.255.255.0
no shut
int  s0/0
ip add 40.40.40.2 255.255.255.0
no shut
int lo 1
ip add 22.22.22.22 255.255.255.0
no shut
int lo 2
ip add 23.23.23.23 255.255.255.0
no shut
exit
ip route 1.1.1.0 255.255.255.0 s0/0
ip route 3.3.3.0 255.255.255.0 s0/1
router bgp 222
nei 1.1.1.1 remote-as 100
nei 1.1.1.1 update-source lo 1
nei 1.1.1.1 ebgp-multihop 2
nei 3.3.3.3 remote-as 100
nei 3.3.3.3 update-source lo 1
nei 3.3.3.3 ebgp-multihop 2
bgp router-id 22.22.22.22
no synchronization


ISP1
int  s0/0
ip add 50.50.50.1 255.255.255.0
no shut
int lo 1
ip add 11.11.11.11 255.255.255.255
no shut
int lo 2
ip add 12.12.12.12 255.255.255.0
no shut
exit
ip route 2.2.2.0 255.255.255.0 s0/0
router bgp 111
nei 2.2.2.2 remote-as 100
nei 2.2.2.2  update-source lo 1
nei 2.2.2.2  ebgp-multihop 2
bgp router-id 11.11.11.11
no synchronization

1) ISP2 should advertise network 23.23.23.0/24, but ISP1 should not receive it. Configure the routers in such a way that changing the inbound filtering policy on ISP1 forces R2 to apply the right filtering, preventing it from sending prefixes ISP1 does not wish to receive.
Let's confirm that ISP2 is advertising the route and that ISP1 is receiving it.
ISP2#sh ip bgp
*> 23.23.23.0/24    0.0.0.0                  0         32768 i

ISP1#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 23.23.23.0/24    2.2.2.2                                0 100 222 i

Now let's configure routers ISP1 and R2.
ISP1(conf)#ip prefix-list A seq 5 deny 23.23.23.0/24
                ip prefix-list A seq 10 permit 0.0.0.0/0 le 32
                router bgp 111
                nei 2.2.2.2 capability orf prefix-list send                 [ISP1 tells R2 which routes it does not need]
                nei 2.2.2.2 prefix-list A in
                do clear ip bgp 2.2.2.2 in
                do clear ip bgp 2.2.2.2 out

Going to R2, we need to tell it to accept the ORF prefix-list:
R2(conf)#router bgp 100
                nei 11.11.11.11 capability orf prefix-list receive
                do clear ip bgp 11.11.11.11 in
                do clear ip bgp 11.11.11.11 out

Now let's prove that our config rocks.
ISP1# sh ip bgp nei 2.2.2.2
  Outbound Route Filter (ORF) type (128) Prefix-list:
      Send-mode: advertised                          [advertised means ISP1 is configured for send-mode]
      Receive-mode: received
  Outbound Route Filter (ORF): sent;
  Incoming update prefix filter list is A

R2# sh ip bgp nei 11.11.11.11
   Outbound Route Filter (ORF) type (128) Prefix-list:
      Send-mode: received
      Receive-mode: advertised
  Outbound Route Filter (ORF): received (2 entries)

R2#sh ip bgp nei 11.11.11.11 advertised-route
This displays no routes, since network 23.23.23.0 is not sent to 11.11.11.11 because of the prefix-list.

ISP1# sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 12.12.12.0/24    0.0.0.0                  0                  32768 i
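
What the ORF exchange above changes on the wire, as an added Python example (not part of the original post): it models IOS prefix-list matching for prefix-list A and compares what R2 transmits to ISP1 with and without ORF negotiated. The function names and the two extra prefixes are constructed for illustration.

```python
import ipaddress

# ISP1's "ip prefix-list A" from the post: (seq, action, prefix, ge, le).
PREFIX_LIST_A = [
    (5, "deny", "23.23.23.0/24", None, None),
    (10, "permit", "0.0.0.0/0", None, 32),
]

def entry_matches(entry, route):
    """IOS prefix-list match: the route lies inside the entry's prefix and its
    mask length is exact (no ge/le) or falls within the ge..le range."""
    _, _, prefix, ge, le = entry
    net, rt = ipaddress.ip_network(prefix), ipaddress.ip_network(route)
    if not rt.subnet_of(net):
        return False
    if ge is None and le is None:
        return rt.prefixlen == net.prefixlen
    low = net.prefixlen if ge is None else ge
    high = 32 if le is None else le
    return low <= rt.prefixlen <= high

def permitted(prefix_list, route):
    """Lowest matching sequence number decides; no match is an implicit deny."""
    for entry in sorted(prefix_list, key=lambda e: e[0]):
        if entry_matches(entry, route):
            return entry[1] == "permit"
    return False

def exchange(r2_candidates, isp1_inbound, orf_negotiated):
    """Return (prefixes R2 puts on the wire, prefixes ISP1 accepts)."""
    # With ORF negotiated, R2 filters outbound with the entries ISP1 sent it.
    sent = [r for r in r2_candidates
            if not orf_negotiated or permitted(isp1_inbound, r)]
    # ISP1 keeps "prefix-list A in", so it filters whatever still arrives.
    accepted = [r for r in sent if permitted(isp1_inbound, r)]
    return sent, accepted

if __name__ == "__main__":
    # 23.23.23.0/24 is from the post; the other two prefixes are constructed.
    candidates = ["23.23.23.0/24", "23.23.23.128/25", "198.51.100.0/24"]
    for orf in (False, True):
        sent, accepted = exchange(candidates, PREFIX_LIST_A, orf)
        print(f"ORF={orf}: sent={sent} accepted={accepted}")
```

ISP1 accepts the same prefixes in both runs; only the number of updates R2 sends changes. The constructed /25 passes both filters because `deny 23.23.23.0/24` without `le` matches only the exact /24.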
