[c-nsp] Is there a command to check which BGP ingress policy drops the received prefix in Cisco ASR routers?

Martin T m4rtntns at gmail.com
Mon Aug 10 08:34:15 EDT 2015


thank you for confirming this!


On 8/10/15, Mark Tinka <mark.tinka at seacom.mu> wrote:
> On 10/Aug/15 09:14, Martin T wrote:
>> Mark,
>> I agree that it is most likely because of inbound policy applied to
>> that neighbor session. Even the "sh bgp neighbor" for that particular
>> BGP session shows that:
>>   Cumulative no. of prefixes denied: 11.
>>     No policy: 0, Failed RT match: 0
>>     By ORF policy: 0, By policy: 11
>> While I did not find a Cisco documentation which explains the
>> cumulative number of prefixes denied by policy, I guess it is the
>> number of prefixes dropped by inbound policies over the time.
>> However, inbound policy for this BGP neighbor is built of dozen other
>> route-policies using the "apply"(executes a policy from within another
>> policy) statement. I was hoping that maybe there is a command which
>> displays exactly which route-policy drops the prefix.
> Hmmh, don't know of such a command in any router OS code. You'll just
> have to go through the entire policy, line by line.
> I know Junos has the ability for you test your policies against the
> routing table to see what they match. Don't know of such a command in
> IOS XR, although I'm not sure it would help in this case.
> Mark.

More information about the cisco-nsp mailing list