[nsp] ACL based on BGP community tag
Marc Xander Makkes
xander at kr85.org
Mon Jun 23 01:48:50 EDT 2003
Sean,
On Sat, Jun 21, 2003 at 04:29:48PM -0400, Sean Donelan wrote:
> In the same router, can anyone think of a way to set up the
> equivalent of an interface ACL based on a BGP community tag?
>
> What I would like to do is permit (or deny) traffic
> from certain networks by tagging the routes in BGP, such
> as only allowing "customer tagged" BGP routes to send
> packets through an particular interface. But I don't want
> to change how the router passes traffic to/from other
> interfaces.
With this way, you or the customer(it depence where you put the
route-map)can change the NEXT-HOP of the taged routes.
route-map in-customer permit 5
match ip community XXX:12345
set ip next-hop <NEXT-HOP>
!set community additive no-export
Please let me know if this is the thing that you are looking for.
Kind regards,
Marc Xander
--
On Mon, Feb 10, 2003 at 03:17:05AM -0800, Ian wrote:
> "Problems ???"
More information about the cisco-nsp
mailing list