[c-nsp] BGP as-path access list question on 1841 routers

Kenny Sallee kenny.sallee at gmail.com
Sun Apr 11 01:04:30 EDT 2010


That depends on if both BGP neighbors support route refresh capability I
think.  Looks like it's negotiated upon BGP neighbor establishment:


001052: *Apr 10 18:32:18.372 PDT: BGP: <ip> OPEN has ROUTE-REFRESH capability(old) for all address-families
001053: *Apr 10 18:32:18.372 PDT: BGP: <ip> rcvd OPEN w/ optional parameter type 2 (Capability) len 2
001054: *Apr 10 18:32:18.372 PDT: BGP: <ip> OPEN has CAPABILITY code: 2, length 0
001055: *Apr 10 18:32:18.372 PDT: BGP: <ip> OPEN has ROUTE-REFRESH capability(new) for all address-families
001056: *Apr 10 18:32:18.372 PDT: BGP: <ip> rcvd OPEN w/ optional parameter type 2 (Capability) len 3

Kenny

On Thu, Apr 1, 2010 at 12:11 PM, Leah Lynch (Contractor) <
leah.lynch at clearwire.com> wrote:

> Avoid the soft-reconfiguration statement altogether, it is a legacy
> command that stores an extra copy of the table. Just use clear ip bgp
> in, that will use the route refresh capability without any extra
> configuration or memory use.
>
> Leah
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Kenny Sallee
> Sent: Thursday, April 01, 2010 12:03 PM
> To: Dan Goldberg
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] BGP as-path access list question on 1841 routers
>
> You don't need to specify the 'soft-reconfiguration' under the bgp neighbor
> but I believe you still should do a
>
> clear ip bgp nei <ip> soft in|out
>
> or
>
> clear ip bgp nei <ASN> soft in|out
>
> Kenny
>
> On Thu, Apr 1, 2010 at 11:45 AM, Dan Goldberg <dan.goldberg at vgt.net>
> wrote:
>
> >
> > I left out a detail that may be important:
> > This is on an MPLS WAN where I control all the CEs. The PEs are all
> > provider controlled.
> > The "hubs" I mentioned are just larger CEs with a broader BGP policy
> > permitting all my AS numbers. So each router's neighbor is not under my
> > control.
> >
> > Thanks again.
> > Dan
> >
> > -----Original Message-----
> > From: cisco-nsp-bounces at puck.nether.net [mailto:
> > cisco-nsp-bounces at puck.nether.net] On Behalf Of Dan Goldberg
> > Sent: Thursday, April 01, 2010 1:10 PM
> > To: cisco-nsp at puck.nether.net
> > Subject: [c-nsp] BGP as-path access list question on 1841 routers
> >
> > Hi there,
> > I have what is probably a very simple BGP question which I wanted to ask.
> > The short version is how to refresh/reread an existing BGP as-path
> > access-list (with new permits added) without rebooting the router?
> >
> > The long version:
> > I run primarily IOS Version 12.4(15)T9 on 1841s with EBGP configured
> > largely as follows. I have roughly 100 sites like this. For the most part
> > all sites have connectivity to 2 "hubs", a NOC and an alternative (BCP) NOC.
> > Tail sites are not supposed to be able to reach each other or even know
> > about each other (through BGP) in most cases. That is what the as-path
> > access list provides.
> >
> > There are some cases where there are groups of ASes that I want to allow
> > BGP to learn about each other. These relationships are built sometimes
> > arbitrarily.
> >
> > <all numbers are faked>
> > router bgp 65534
> >  network blah mask 255.255.255.255
> >  neighbor www.xxx.yyy.zzz remote-as 65533
> >  neighbor www.xxx.yyy.zzz filter-list 1 in
> > !
> > ip as-path access-list 1 permit 64542
> > ip as-path access-list 1 permit 64543
> >
> > I have found that if I start with the above as-path filter and then add a
> > new permit to the filter as below:
> > ip as-path access-list 1 permit 64551
> >
> > #sho ip bgp neighbors shows:
> > Neighbor capabilities:
> >    Route refresh: advertised and received(old & new)
> >
> > The question (finally):
> > Can I use a soft restart to re-read the as-path access-list?
> > Do I need to add a "neighbor soft-reconfiguration" statement to BGP first?
> > Is there another method to force a reread of the filter-list without losing
> > connectivity to the router?
> >
> > Thanks I appreciate your feedback.
> >
> > --
> > Dan Goldberg
> > <title removed due to other thread>
> > Video Gaming Technologies, Inc.
> > 434-992-5450
> >
> >
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
>
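
The behaviour discussed in this thread, as an added example that is not part of the original messages and not Cisco code: a toy Python model of an inbound filter-list, showing why a newly added as-path permit takes effect only after an inbound soft clear, served either by route refresh or by a stored copy of the received routes. The class, function names and prefixes are constructed; matching with Python's `re` is an assumption that holds for the plain-digit patterns used in the thread.

```python
import re

class InboundSession:
    """Toy model of one eBGP session's inbound side (not IOS code)."""

    def __init__(self, peer_adj_rib_out, route_refresh, store_received=False):
        self.peer_adj_rib_out = peer_adj_rib_out  # what the neighbor advertises
        self.route_refresh = route_refresh        # capability negotiated in OPEN
        self.store_received = store_received      # models 'soft-reconfiguration inbound'
        self.permits = []                         # as-path access-list permit entries
        self.stored = {}                          # unfiltered copy, only if kept
        self.bgp_table = {}                       # routes that passed the filter

    def _filter(self, routes):
        # Implicit deny: a route is kept only if some permit regex matches.
        self.bgp_table = {p: path for p, path in routes.items()
                          if any(re.search(rx, path) for rx in self.permits)}

    def receive_updates(self):
        """Initial UPDATEs: filtered on arrival, denied routes are discarded."""
        if self.store_received:
            self.stored = dict(self.peer_adj_rib_out)  # the extra table copy
        self._filter(self.peer_adj_rib_out)

    def clear_soft_in(self):
        """Re-apply the current filter without resetting the session."""
        if self.route_refresh:
            self._filter(self.peer_adj_rib_out)   # peer resends its routes
            return "route-refresh"
        if self.store_received:
            self._filter(self.stored)             # replay the stored copy
            return "stored-copy"
        return "not-possible"                     # only a hard reset would work

def demo(route_refresh, store_received):
    # Constructed sample data; AS numbers follow the thread's faked config.
    adverts = {"10.1.0.0/24": "65533 64542",
               "10.2.0.0/24": "65533 64543",
               "10.3.0.0/24": "65533 64551"}
    s = InboundSession(adverts, route_refresh, store_received)
    s.permits = ["64542", "64543"]
    s.receive_updates()
    before = sorted(s.bgp_table)
    s.permits.append("64551")                     # new permit added to list 1
    stale = sorted(s.bgp_table)                   # unchanged until a soft clear
    method = s.clear_soft_in()
    return before, stale, method, sorted(s.bgp_table)
```
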

