[c-nsp] BGP as-path access list question on 1841 routers
Dan Goldberg
dan.goldberg at vgt.net
Thu Apr 1 14:45:50 EDT 2010
I left out a detail that may be important:
This is on an MPLS WAN where I control all the CEs. The PEs are all provider controlled.
The "hubs" I mentioned are just larger CEs with a broader BGP policy permitting all my AS numbers. So each router's neighbor is not under my control.
Thanks again.
Dan
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Dan Goldberg
Sent: Thursday, April 01, 2010 1:10 PM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] BGP as-path access list question on 1841 routers
Hi there,
I have what is probably a very simple BGP question which I wanted to ask.
The short version is how to refresh/reread an existing BGP as-path access-list (with new permits added) without rebooting the router?
The long version:
I run primarily IOS Version 12.4(15)T9 on 1841s with EBGP configured largely as follows. I have roughly 100 sites like this. For the most part all sites have connectivity to 2 "hubs", a NOC and an alternative (BCP) NOC. Tail sites are not supposed to be able to reach each other or even know about each other (through BGP) in most cases. That is what the as-path access list provides.
There are some cases where there are groups of ASes that I want to allow BGP to learn about each other. These relationships are built sometimes arbitrarily.
<all numbers are faked>
router bgp 65534
network blah mask 255.255.255.255
neighbor www.xxx.yyy.zzz remote-as 65533
neighbor www.xxx.yyy.zzz filter-list 1 in
!
ip as-path access-list 1 permit 64542
ip as-path access-list 1 permit 64543
I have found that if I start with the above as-path filter and then add a new permit to the filter as below:
ip as-path access-list 1 permit 64551
#sho ip bgp neighbors shows:
Neighbor capabilities:
Route refresh: advertised and received(old & new)
The question (finally):
Can I use a soft restart to re-read the as-path access-list?
Do I need to add a "neighbor soft-reconfiguration" statement to BGP first?
Is there another method to force a reread of the filter-list without losing connectivity to the router?
Thanks, I appreciate your feedback.
--
Dan Goldberg
<title removed due to other thread>
Video Gaming Technologies, Inc.
434-992-5450
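
An added example, not part of the original post: a small model of how the posted filter-list evaluates received AS paths (first match wins, implicit deny at the end), used to list which paths change verdict once the 64551 entry is added. The sample paths are constructed, the function names are hypothetical, and only the regex syntax used here is modelled.

```python
import re

# ip as-path access-list 1 as posted (the post says all numbers are faked).
LIST_BEFORE = [("permit", "64542"), ("permit", "64543")]
LIST_AFTER = LIST_BEFORE + [("permit", "64551")]

# Constructed AS paths as a CE might receive them from the PE in AS 65533.
SAMPLE_PATHS = [
    "65533 64542",
    "65533 64543",
    "65533 64551",
    "65533 64551 64999",  # 64551 appears mid-path, not as the origin
    "65533 64999",
]

def to_python_regex(ios_pattern):
    """Translate the IOS '_' token (a delimiter, or start/end of the path)."""
    return ios_pattern.replace("_", r"(?:^|$|[ ,{}()])")

def filter_list(entries, as_path):
    """First matching entry wins; a path matching no entry is denied."""
    for action, pattern in entries:
        if re.search(to_python_regex(pattern), as_path):
            return action
    return "deny"

def changed_verdicts(before, after, paths):
    """Paths whose result differs between two versions of the list."""
    return [p for p in paths if filter_list(before, p) != filter_list(after, p)]

if __name__ == "__main__":
    for path in SAMPLE_PATHS:
        old, new = filter_list(LIST_BEFORE, path), filter_list(LIST_AFTER, path)
        print(f"{path:20} {old:7} -> {new}")
    print("changed by the new entry:",
          changed_verdicts(LIST_BEFORE, LIST_AFTER, SAMPLE_PATHS))
```

The unanchored entry 64551 matches that AS anywhere in the path, so the constructed path with 64551 in the middle is permitted too; an entry written as _64551$ would match it only as the originating AS.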