[c-nsp] route maps and bgp

Primoz Jeroncic jp at softnet.si
Tue Oct 4 02:39:36 EDT 2005


On Mon, 3 Oct 2005, Chad Whitten wrote:

> my provider just switched me from a cisco router to a juniper router and my
> bgp session is all funky.  they are telling me i need route maps to filter
> the routes (im advertising my other neighbors routes to them).  im trying to
> advertise two networks out to each neighbor.  my config was basically
>
> router bgp AS#
> network a.b.c.d/24
> network e.f.g.h/20
> neighbor w.x.y.z remote-as ####
> neighbor w.x.y.z version 4
> neighbor 1.2.3.4 remote-as ####
> neighbor 1.2.3.4 version 4
>
> apparently with this simple config, im a transit now - and it is hitting my
> network hard.

I would say that this is basicaly their problem on one side. If they are
stupid enough not to filter stuff getting from you then it's their
problem. Personally I filter every single bgp session which we get from
our clients. It's more work but I really don't feel like trusting some
client, with usually not too much of knowleadge about bgp, that they will
know how to configure their side.
But on other side it's also your problem since someone else is using
you as upstream this way. So it's in your interest too to filter this
things. Prefix lists as other said are one way to go. But I would still
say plain access list in route map are still easier as long as your
bgp doesn't get more complex. So my solution for this would be following:

router bgp AS#
network a.b.c.d/24
network e.f.g.h/20
neighbor w.x.y.z remote-as ####
neighbor w.x.y.z version 4
neighbor w.x.y.z description Upstream
neighbor w.x.y.z route-map upstream out
! or even easier but i preffer route-maps since its more scalable
! you choose one option... route-map or distribute-list
neighbor w.x.y.z distribute-list 1 out
!
access-list 1 permit a.b.c.d 0.0.0.255
access-list 1 permit e.f.g.h 0.0.15.255
!
! no need for this part if you go with distribute-list
route-map upstream permit 10
 match ip address 1
!


Have fun,
Primoz Jeroncic
Support - IP Connectivity & Routing
-------------------------------------------------------------------
Softnet d.o.o.  tel:  +386 1 562 31 40   |
Borovec 2       fax:  +386 1 562 18 55   |       1 + 1 = 3
1236 Trzin      primoz(at)softnet.si     | for larger values of 1
Slovenija       http://flea.softnet.si/
-------------------------------------------------------------------




More information about the cisco-nsp mailing list