[c-nsp] eBGP no-export

Steve Bertrand steve at ibctech.ca
Fri Jan 23 18:15:32 EST 2009


Hi everyone,

I've got a bit of confusion about how to prevent an eBGP peer from
redistributing an announced route to outside AS's.

What I want to do is advertise a single route to an eBGP peer, and
somehow ensure that they will not advertise it to any of its external
peers. (I don't want them to become a transit for me).

Is this somewhat close to being correct?:

router bgp 14270
 bgp log-neighbor-changes
 network 208.70.104.0 mask 255.255.248.0
 neighbor 208.70.111.70 remote-as xxxxx
 neighbor 208.70.111.70 send-community
 neighbor 208.70.111.70 prefix-list REMOTE-IN in
 neighbor 208.70.111.70 route-map COMMUNITY out
 neighbor 208.70.111.70 maximum-prefix 1
!
!
ip prefix-list REMOTE-IN seq 5 permit x.x.x.x/24
ip prefix-list REMOTE-IN seq 10 deny 0.0.0.0/0 le 32
!
ip prefix-list IPV4-OUT seq 5 permit 208.70.104.0/21
ip prefix-list IPV4-OUT seq 10 deny 0.0.0.0/0 le 32
!
route-map COMMUNITY permit 10
 match ip address IPV4-OUT
 set community no-export

If the above is correct, will BGP by default honour the no-export community?

IOW, in order to have the same no-export policy at my side for the
learnt route, do I have to do anything in particular to assign it to the
no-export community, or will BGP do this by default?

Thanks,

Steve


More information about the cisco-nsp mailing list