[c-nsp] Is there a command to check which BGP ingress policy drops the received prefix in Cisco ASR routers?

Ákos Aranyi aranyi.akos92 at gmail.com
Mon Aug 10 10:08:57 EDT 2015


Hi,

In XR these two commands might be able to help you match your table against
existing route-policies;

RP/0/RSP0/CPU0:TEST#sh bgp vpnv4 unicast vrf <vrf> route-policy
<route-policy>

also works on global table

RP/0/RSP0/CPU0:TEST#sh bgp vpnv4 unicast vrf <vrf> policy route-policy
<route-policy> [summary]

Not sure if this helps.

Regards,
-Akos

2015-08-10 13:34 GMT+01:00 Martin T <m4rtntns at gmail.com>:

> Mark,
>
> thank you for confirming this!
>
>
> regards,
> Martin
>
> On 8/10/15, Mark Tinka <mark.tinka at seacom.mu> wrote:
> >
> >
> > On 10/Aug/15 09:14, Martin T wrote:
> >> Mark,
> >>
> >> I agree that it is most likely because of inbound policy applied to
> >> that neighbor session. Even the "sh bgp neighbor" for that particular
> >> BGP session shows that:
> >>
> >>   Cumulative no. of prefixes denied: 11.
> >>     No policy: 0, Failed RT match: 0
> >>     By ORF policy: 0, By policy: 11
> >>
> >> While I did not find a Cisco documentation which explains the
> >> cumulative number of prefixes denied by policy, I guess it is the
> >> number of prefixes dropped by inbound policies over the time.
> >>
> >> However, inbound policy for this BGP neighbor is built of dozen other
> >> route-policies using the "apply"(executes a policy from within another
> >> policy) statement. I was hoping that maybe there is a command which
> >> displays exactly which route-policy drops the prefix.
> >
> > Hmmh, don't know of such a command in any router OS code. You'll just
> > have to go through the entire policy, line by line.
> >
> > I know Junos has the ability for you test your policies against the
> > routing table to see what they match. Don't know of such a command in
> > IOS XR, although I'm not sure it would help in this case.
> >
> > Mark.
> >
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>


More information about the cisco-nsp mailing list