[c-nsp] Dumb question

Ziv Leyes zivl at gilat.net
Thu Aug 4 04:14:32 EDT 2011 

Pete, the 207.226.45.254 is the real IP for "y.y.y.y" peer, I've just forgotten to obscure it and it's seen via ISIS topology

You've got a point at the Local Policy Denied Prefixes, this is what I've get:


                                  Outbound    Inbound
  Local Policy Denied Prefixes:    --------    -------
    route-map:                            0          2
    prefix-list                      568734          0
    Total:                           568734          2

So they are indeed denied, the question is why?



-----Original Message-----
From: Peter Rathlev [mailto:peter at rathlev.dk] 
Sent: Wednesday, August 03, 2011 7:01 PM
To: Ziv Leyes
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Dumb question

Hi,

On Wed, 2011-08-03 at 18:44 +0300, Ziv Leyes wrote:
> RTR2# sh ip bgp 1.1.1.0
> BGP routing table entry for 1.1.1.0/24, version 7234660
> Paths: (1 available, no best path)
>   Not advertised to any peer
>   Local, (Received from a RR-client), (received-only)

That's a problem. For some reason the prefix was denied on RTR2 and is
thus not inserted in the RIB. Is the next-hop reachable? I.e. what does
"show ip route 207.226.45.254" say? Does "show ip bgp neighbor y.y.y.y"
say anthing interesting in the "Local Policy Denied Prefixes:" section?

> What I do find very strange is the following:
> route-map RTR1-IN, permit, sequence 10
...
> See? all the counters are zero!

The counters are only for policy routing; the will never increment by
being used for filtrering, so that's irrelevant to this.

-- 
Peter



The information contained in this e-mail message and its attachments is confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the sender, and then delete the message from your computer.  Thank you!

******** This mail was sent via Mail-SeCure System.********

 
 
************************************************************************************
This footnote confirms that this email message has been scanned by
PineApp Mail-SeCure for the presence of malicious code, vandals & computer viruses.
************************************************************************************

More information about the cisco-nsp mailing list