[nsp] BGP filter issue
Alban Dani
adani at stevens.edu
Fri Jan 30 09:18:46 EST 2004
Hi Sean,
Here is some of the output from the command you suggested.
This output is taken from another router that has the same filter
applied.
For the moment I can not put the filter back on the original router.
router#sh ip bgp regexp ^19262 [0-9]+$
BGP table version is 79535136, local router ID is xxx.xxx.xxx.xxx
Status codes: s suppressed, d damped, h history, * valid, > best, i -
internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 128.6.0.0 130.156.250.93 0 0 19262 46 i
*> 128.235.0.0 130.156.250.93 0 0 19262 4246
i
*> 128.235.160.0/20 130.156.250.93 0 0 19262 4246
i
*> 128.235.240.0/23 130.156.250.93 0 0 19262 4246
i
*> 130.68.0.0/17 130.156.250.93 0 0 19262 205 i
*> 130.68.128.0/18 130.156.250.93 0 0 19262 205 i
*> 130.68.192.0/19 130.156.250.93 0 0 19262 205 i
*> 130.156.17.0/24 130.156.250.93 0 0 19262 18794
i
*> 130.156.142.0/23 130.156.250.93 2654 0 19262 26635
i
*> 130.156.144.0/22 130.156.250.93 2654 0 19262 26635
i
*> 130.156.148.0/24 130.156.250.93 2654 0 19262 26635
i
*> 130.219.0.0/19 130.156.250.93 0 0 19262 11094
?
*> 130.219.0.0 130.156.250.93 0 0 19262 11094
i
*> 130.219.32.0/21 130.156.250.93 0 0 19262 11094
?
*> 130.219.40.0/21 130.156.250.93 0 0 19262 11094
?
*> 130.219.48.0/20 130.156.250.93 0 0 19262 11094
?
*> 130.219.64.0/19 130.156.250.93 0 0 19262 11094
?
*> 130.219.96.0/20 130.156.250.93 0 0 19262 11094
?
Thanks for your help,
Alban
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Sean Mathias
Sent: Thursday, January 29, 2004 5:48 PM
To: Alban Dani; cisco-nsp at puck.nether.net
Subject: RE: [nsp] BGP filter issue
With the filter in place, can you look at the output of show ip bgp
regexp ^19262 [0-9]+$ to see if it is matching as you expected it to?
Sean Mathias
CCIE #12779
206-920-0301
seanm at prosolve.com
-----Original Message-----
From: Alban Dani [mailto:adani at stevens.edu]
Sent: Thursday, January 29, 2004 1:14 PM
To: cisco-nsp at puck.nether.net
Subject: [nsp] BGP filter issue
Hello,
Recently I experienced a weird issue with our internet connection.
We have a Cisco 7200 connected to our ISP ( Verizon).
A month ago we applied a bgp filter on the inbound that would accept bgp
routing updates only from our neighbor AS and the one next to it.
ip as-path access-list 6 permit ^19262$
ip as-path access-list 6 permit ^19262 [0-9]+$
ip as-path access-list 6 deny .*
Last week we started having issues with the internet connection for
several employees that connected remotely to our network. After some
research we figured that people that were connected to ISP-s that were
no more then two AS hops from us were having the problem ( and we could
find their networks in the bgp table ). On the other hand people who
were more then two AS hops away were just fine. Their networks could not
be found in the bgp table (as excpected because of the filter ) and
they were taking the default route outside.
We took the filter out today and everything is back to normal.
Can anybody explain this? Is it a bug? A design flow? Is it the ISP?
Thanks in advance
Alban
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list