[c-nsp] filtering bgp routes

Joe Maimon jmaimon at ttec.com
Thu May 11 11:49:07 EDT 2006


If he isnt announcing it, you cannot deny it.

You can override it with other more specific routes

Alban Dani wrote:

> Richard,
> thank you.
> 
> You are right, and I have tried to convince the people that we're peering
> with to do that but to no avail.
> 
> So I am knind of stuck. Perhaps I should juist deny everything and put some
> static routes in there.
> 
> Alban
> 
> 
> On 5/11/06, Richard Mikisa <rmikisa at gmail.com> wrote:
> 
>>aha, not sure you can accept the entire /20 and then deny the 208 and
>>209. I would have my neighbour break down the prefix he is announcing
>>to something like
>>
>>216.221.208.0/23 --- which is what you want to deny
>>
>>and then the one's you want to accept accept
>>
>>216.221.210.0/23
>>216.221.212.0/22
>>216.221.216.0/21
>>
>>Would be easier to build filters based on that .
>>
>>On 5/11/06, Alban Dani <albcisco at gmail.com> wrote:
>>
>>>I am sorry,
>>>
>>>I ment I want everything but the 208 and 209, hence me trying to filter
>>>them.
>>>
>>>Thank you,
>>>
>>>
>>>Alban
>>>
>>>
>>>
>>>On 5/11/06, Richard Mikisa <rmikisa at gmail.com> wrote:
>>>
>>>>You state that you only want to receive prefixes 208 and 209 from the
>>>>neighbor, but your prefix list is a deny for both 208 and 209. I am
>>>>missing something ?
>>>>
>>>>On 5/11/06, Alban Dani <albcisco at gmail.com> wrote:
>>>>
>>>>>Hi,
>>>>>
>>>>>I got my lab going and many things are much clearer.
>>>>>
>>>>>However I still have a remaining issue.
>>>>>
>>>>>My neighboring router is advertising an aggregate 216.221.2.08/20.
>>>>>
>>>>>I do not want everything but the  216.221.208 and 216.221.209networks.
>>>>>
>>>>>I tried prefix lists like:
>>>>>
>>>>>ip prefix-list savvis-inbound deny 216.221.208.0/24
>>>>>ip prefix-list savvis-inbound deny 216.221.209.0/24
>>>>>ip prefix-list savvis-inbound permit 0.0.0.0/0 le 32
>>>>>
>>>>>but it did not filter anything?
>>>>>
>>>>>Any way I can achieve this/
>>>>>
>>>>>Thanks,
>>>>>
>>>>>Alban
>>>>>_______________________________________________
>>>>>cisco-nsp mailing list  cisco-nsp at puck.nether.net
>>>>>https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>>>archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>>>
>>>>
>>>>
>>>>--
>>>>cheers
>>>>Richard
>>>>
>>>
>>>
>>
>>--
>>cheers
>>Richard
>>
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 
> 


More information about the cisco-nsp mailing list