BigIron RX Series Configuration Guide 795
53-1002253-01
Filtering
26
• “Using a table map to set the tag value” on page 789
• “Configuring cooperative BGP4 route filtering” on page 809
Filtering AS-paths
You can filter updates received from BGP4 neighbors based on the contents of the AS-path list
accompanying the updates. For example, if you want to deny routes that have the AS 4.3.2.1 in the
AS-path from entering the BGP4 route table, you can define a filter to deny such routes.
The device provides the following methods for filtering on AS-path information:
• AS-path filters - refer to “Defining an AS-path filter” on page 753.
• AS-path ACLs
The BigIron RX cannot actively support AS-path filters and AS-path ACLs at the same time. Use one
method or the other but do not mix methods.
Once you define a filter or ACL, the default action for updates that do not match a filter is “deny”. To
change the default action to “permit”, configure the last filter or ACL as “permit any any”.
AS-path filters or AS-path ACLs can be referred to by a BGP neighbor's filter list number as well as
by match statements in a route map.
Defining an AS-path ACL
To configure an AS-path list that uses ACL 1, enter a command such as the following.
BigIron RX(config)# ip as-path access-list acl1 permit 100
BigIron RX(config)# router bgp
BigIron RX(config-bgp)# neighbor 10.10.10.1 filter-list 1 in
The ip as-path command configures an AS-path ACL that permits routes containing AS number 100
in their AS paths. The neighbor command then applies the AS-path ACL to advertisements and
updates received from neighbor 10.10.10.1. In this example, the only routes the device permits
from neighbor 10.10.10.1 are those whose AS-paths contain AS-path number 100.
Syntax: ip as-path access-list <string> [seq <seq-value>] deny | permit <regular-expression>
The <string> parameter specifies the ACL name. (If you enter a number, the CLI interprets the
number as a text string.)
The seq <seq-value> parameter is optional and specifies the AS-path list’s sequence number. If
you do not specify a sequence number, the software numbers them in increments of 5, beginning
with number 5. The software interprets the entries in an AS-path list in numerical order, beginning
with the lowest sequence number.
The deny | permit parameter specifies the action the software takes if a route’s AS-path list
matches a match statement in this ACL. To configure the AS-path match statements in a route
map, use the match as-path command. Refer to “Matching based on AS-path ACL” on page 804.
The <regular-expression> parameter specifies the AS path information you want to permit or deny
to routes that match any of the match statements within the ACL. You can enter a specific AS
number or use a regular expression.
To Next Page
Loading...
