[c-nsp] Deny default route (From customer - BGP)

CiscoNSP List cisconsp_list at hotmail.com
Tue Mar 10 02:27:43 EDT 2015


Ah - Thank-you! 

Date: Tue, 10 Mar 2015 07:06:20 +0100
Subject: Re: [c-nsp] Deny default route (From customer - BGP)
From: fredrik at lonnman.se
To: cisconsp_list at hotmail.com
CC: cisco-nsp at puck.nether.net

show ip bgp nei xyz received-routes will give you the routes as you received them _before_ your own filtering. Use show ip bgp nei xyz routes instead.
Regards,Fredrik

On 10 March 2015 at 03:40, CiscoNSP List <cisconsp_list at hotmail.com> wrote:
Hi Everyone,



Only had a few hours sleep, so I may be overlooking something extremely obvious...but we are receiving a default from a customer, even though route-map/prefix list *should* block it...

router bgp xxx

...

address-family ipv4

...

neighbor CUST_A route-map CUST_A-BGP-IN in



ip prefix-list PL_DENY_DEFAULT seq 5 permit 0.0.0.0/0

ip prefix-list PL_CUST_A_BGP_PREFIXES seq 5 permit xxx.xxx.xxx.0/24



route-map CUST_A-BGP-IN deny 5

match ip address prefix-list PL_DENY_DEFAULT

route-map CUST_A-BGP-IN permit 10

 match ip address prefix-list PL_CUST_A_BGP_PREFIXES

 set community xxxxx:1400



Weird thing is, that "sh ip bgp summary" shows that neighbour as only having 1 in "State/PfxRcd"



but "sh ip bgp nei xxx.xxx.xx.xx received-routes" shows the neighbour with 0.0.0.0 and there single /24



Cheers for any help.







_______________________________________________

cisco-nsp mailing list  cisco-nsp at puck.nether.net

https://puck.nether.net/mailman/listinfo/cisco-nsp

archive at http://puck.nether.net/pipermail/cisco-nsp/


 		 	   		  


More information about the cisco-nsp mailing list