[c-nsp] Filtered BGP routes

Peter Rathlev peter at rathlev.dk
Fri Dec 14 16:09:27 EST 2007 

On Fri, 2007-12-14 at 12:52 -0800, Daniel Faubel wrote:
> Maybe I am asking the question in the wrong way.
> 
> In a Foundry router when I type in this:
> sh ip bgp neighbors IP_ADDRESS received-routes
> 
> 
> I get this very near the top:
> Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED
>        E:EBGP H:HISTORY I:IBGP L:LOCAL M:MULTIPATH S:SUPPRESSED
> F:FILTERED
> 
> 
> Filtered being what I have filtered based off of prefix or as-path
> lists.
> 
> 
> On the Cisco I type in this:
> sh ip bgp neighbors IP_ADDRESS received-routes
> 
> And get this near the top:
> Status codes: s suppressed, d damped, h history, * valid, > best, i -
> internal,
>               r RIB-failure, S Stale
> Origin codes: i - IGP, e - EGP, ? - incomplete
> 
> 
> 
> I understand how to view the routes I am getting from the peer. How do I
> view the filtered/blocked/denied routes?

Hmm... I'll try with an example. This is done using a C3560 running IP
SERVICES, and is done inside a VRF, but that shouldn't make any
difference.

I have a CE router (the C3560) neighboring a PE router in the
"mjna_servpri" VRF. Here are some show commands (with slight
reformatting):

! ce-aars-bladec-1#sh ip bgp vpnv4 vrf mjna_servpri
! BGP table version is 104, local router ID is 10.255.48.2
! Status codes: s suppressed, d damped, h history, * valid, > best,
!    i - internal, r RIB-failure, S Stale
! Origin codes: i - IGP, e - EGP, ? - incomplete
! 
!    Network          Next Hop            Metric LocPrf Weight Path
! Route Distinguisher: 64512:321 (default for vrf mjna_servpri)
! *> 0.0.0.0          10.255.48.17                           0 64512 i
! *> 10.253.255.208/29
!                     0.0.0.0                  0         32768 i

Here I only receive a default route and source one network locally. The
relevant configuration is:

ip prefix-list ONLY-DEFAULT permit 0.0.0.0/0
ip prefix-list ONLY-DEFAULT deny 0.0.0.0/0 le 32
!
router bgp 64982
 address-family ipv4 vrf mjna_servpri
  neighbor 10.255.48.17 remote-as 64512
  neighbor 10.255.48.17 activate
  neighbor 10.255.48.17 prefix-list ONLY-DEFAULT in
  neighbor 10.255.48.17 soft-reconfiguration inbound
  exit-address-family
 !
 exit
!

! ce-aars-bladec-1#sh ip bgp vpnv4 vrf mjna_servpri sum
! <snip>
! Neighbor     V    AS  MsgR MsgS TblV InQ OutQ Up/Down   State/PfxR
! 10.255.48.17 4 64512  3991 3974  104   0    0 00:53:11  1

The summary shows that I "receive" 1 prefix, and that is after
filtering. Now the "received-routes":

! ce-aars-bladec-1#sh ip bgp vpnv4 vrf mjna_servpri nei 10.255.48.17 
!    received-routes
! BGP table version is 104, local router ID is 10.255.48.2
! Status codes: s suppressed, d damped, h history, * valid, > best,
!    i - internal, r RIB-failure, S Stale
! Origin codes: i - IGP, e - EGP, ? - incomplete
! 
!    Network          Next Hop      Weight Path
! Route Distinguisher: 64512:321 (default for vrf mjna_servpri)
! *  0.0.0.0          10.255.48.17       0 64512 i
! *  10.248.21.0/28   10.255.48.17       0 64512 i
! *  10.253.2.0/24    10.255.48.17       0 64512 64983 i
! *  10.253.2.10/32   10.255.48.17       0 64512 65017 i
! *  10.253.2.11/32   10.255.48.17       0 64512 65017 i
! *  10.253.33.0/24   10.255.48.17       0 64512 64983 i
! *  10.253.251.0/24  10.255.48.17       0 64512 64983 i
! *  10.253.252.0/24  10.255.48.17       0 64512 64983 i
! *  10.253.254.0/24  10.255.48.17       0 64512 65010 i
! *  10.253.255.0/24  10.255.48.17       0 64512 65021 64991 i
! *  10.253.255.6/32  10.255.48.17       0 64512 64983 i
! *  10.253.255.20/32 10.255.48.17       0 64512 64983 i
! *  10.253.255.200/32
!                     10.255.48.17       0 64512 64983 i
! 
! Total number of prefixes 13 
! ce-aars-bladec-1#

This show me all the prefixes the neighbor sent me. They're not
installed in the BGP table, but are saved:

! ce-aars-bladec-1#sh ip bgp vpnv4 vrf mjna_servpri nei 10.255.48.17 
! BGP neighbor is 10.255.48.17,  vrf mjna_servpri,  remote AS 64512,
!                                                        external link
!   BGP version 4, remote router ID 10.252.255.8
!   BGP state = Established, up for 01:04:47
<snip>
!  Inbound soft reconfiguration allowed
!                                Sent       Rcvd
!  Prefix activity:               ----       ----
!    Prefixes Current:               1          1 (Consumes 952 bytes)
!    Prefixes Total:                 1          1
!    Implicit Withdraw:              1          0
!    Explicit Withdraw:              0          0
!    Used as bestpath:             n/a          1
!    Used as multipath:            n/a          0
!    Saved (soft-reconfig):        n/a         13 (Consumes 884 bytes)
!
!                                   Outbound    Inbound
!  Local Policy Denied Prefixes:    --------    -------
!    prefix-list                           0         12
!    Bestpath from this peer:              2        n/a
!    Total:                                2         12
!  Number of NLRIs in the update sent: max 0, min 0

I hope this sheds a little more light on the problem.

BTW: If I try the "show ... received-routes" without soft reconfig
enabled on this platform, I get:

ce-aars-bladec-1#sh ip bgp nei 10.241.16.253 received-routes  
% Inbound soft reconfiguration not enabled on 10.241.16.253
ce-aars-bladec-1#

Regards,
Peter Rathlev

More information about the cisco-nsp mailing list