[c-nsp] Problem with route-maps and communities

Marco Matarazzo marmata at libero.it
Mon Sep 5 04:25:02 EDT 2005 

> Is the other peer you are getting the routes from in your AS as well
> (iBGP)? iBGP routers would not relay routes learned from other iBGP
> peers, unless they are route reflectors.

Exactly... that was the problem! After posting the messages and re-reading
the configs I remembered... I'll just do the Right Thing (r) and full mesh
the iBGP cloud!

Thanks!
]\/[arco

Arie

On 9/1/05, Marco Matarazzo <marmata at libero.it> wrote:
> Hi all,
>
> I'm trying to send to an iBGP neighbor some routes based on a community.
But
> there must be something REALLY wrong in my config...
>
> This is the relevant config of the first (main) router:
>
> i#sh ver
> Cisco Internetwork Operating System Software
> IOS (tm) 7200 Software (C7200-IK9O3S-M), Version 12.3(1a), RELEASE
SOFTWARE
> (fc1)
> cisco 7206VXR (NPE400) processor (revision A) with 245760K/16384K bytes of
> memory.
>
> router bgp 8980
>  no synchronization
>  bgp router-id 213.171.160.1
>  bgp cluster-id 3559115777
>  bgp log-neighbor-changes
>  bgp dampening
>  network 212.35.xxx.xxx mask 255.255.224.0
>  network 213.171.xxx.xxx mask 255.255.224.0
>  neighbor 81.29.x.y remote-as ISPAS
>  neighbor 81.29.x.y prefix-list MYPREFIX out
>  neighbor 81.29.x.y weight 50
>  neighbor 213.171.x.y remote-as MYAS
>  neighbor 213.171.x.y description iBGP
>  neighbor 213.171.x.y update-source Loopback0
>  neighbor 213.171.x.y next-hop-self
>  neighbor 213.171.x.y send-community
>  neighbor 213.171.x.y default-originate
>  neighbor 213.171.x.y route-map IBGPOUT out
>  neighbor 213.171.x.z remote-as MYAS
>  neighbor 213.171.x.z prefix-list MIXIN in
>  neighbor 213.171.x.z route-map MIXIN in
>  neighbor 213.171.x.z route-map MIXOUT out
>  neighbor 213.171.x.z update-source Loopback0
>  neighbor 213.171.x.z weight 300
>  no auto-summary
>
> ip community-list standard mixlearned permit 588513380
>
> ip prefix-list MYPREF seq 5 permit 212.35.192.0/19
> ip prefix-list MYPREF seq 10 permit 213.171.160.0/19
> ip prefix-list MYPREF seq 15 permit 0.0.0.0/0
>
>
> route-map IBGPOUT permit 10
>  match community mixlearned
> !
> route-map IBGPOUT permit 20
>  match ip address prefix-list MYPREF
>
> route-map MIXOUT permit 10
>  match as-path 2
>  set local-preference 100
>
> route-map MIXIN permit 10
>  set community 588513380
>
>
> 213.171.x.y is the peer I'm having problems. Basically I apply a route-map
> to incoming routes from 213.171.x.z (located in a local Internet Exchange)
> and I add a community to them. I want to announce only this tagged routes,
> together with a default and my own prefixes to an iBGP neighbor.
> Unfortunately I can't give this neighbor ALL the routes since it only has
> 128Mb of memory.
>
> a #sh ip bgp route-map IBGPOUT shows correctly all the intended routes.
>
> but a #sh ip bgp ne 213.171.x.y shows:
>
>  For address family: IPv4 Unicast
>   BGP table version 792109, neighbor version 792109
>   Index 3, Offset 0, Mask 0x8
>   NEXT_HOP is always this router
>   Community attribute sent to this neighbor
>   Default information originate, default sent
>   Outbound path policy configured
>   Route map for outgoing advertisements is IBGPOUT
>                                  Sent       Rcvd
>   Prefix activity:               ----       ----
>     Prefixes Current:               2          0
>     Prefixes Total:                10          1
>     Implicit Withdraw:              8          0
>     Explicit Withdraw:              0          1
>     Used as bestpath:             n/a          0
>     Used as multipath:            n/a          0
>
>                                    Outbound    Inbound
>   Local Policy Denied Prefixes:    --------    -------
>     route-map:                       812258          0
>     Bestpath from iBGP peer:          34735        n/a
>     Total:                           846993          0
>
> The router is only advertising my prefixes and the default. All other
routes
> are "Local Policy Denied" by the route-map (I can see the counters going
> up). I've clear the peers a couple of thousands of times... :D
>
> What could be wrong?!?!? If you need the config of the other router, no
> probs. But it shouldn't care, as the routes are being blocked at this
> router!
>
> Thanks!
> ]\/[arco
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list