As-path-list configuration
Filtering outbound prefixes is another common BGP configuration requirement. On the vRouter, this is accomplished using routing policies that are then applied to the BGP process as export policies.
The example in this section assumes that AS100 does not want to be a transit AS for AS 200 or AS 300. This means that:
- eBGP routes from R1's eBGP peer (AS 200) should not be sent to R4's eBGP peer.
- Routes from R4's eBGP peer (AS 300) should not be sent to R1's eBGP peer.
If we did not implement this filtering, AS 300 might send traffic destined for AS 200 to router R4, and this traffic would then be carried across the AS 100 network.
There are several ways that this routing policy could be implemented: two most common are basing the filter on the network prefix or basing it on the AS Path. In this example, we update the existing BGP export policy to add some additional restrictions that will prevent AS 100 from acting as a transit network for AS 200 and AS 300.
This export policy is shown in the following figure.
To create this export policy, perform the following steps in configuration mode.
Router |
Step |
Command(s) |
---|---|---|
R1 |
Create a list of AS paths to deny. In this case we just have one - AS300. |
|
R1 |
Create a route map rule to deny all AS paths in our list. |
|
R1 |
Create a route map rule to permit all other prefixes. |
|
R1 |
Assign the route map policy created as the export and import route map policy for AS 200. |
|
R1 |
Commit the configuration. |
|
R1 |
Reset the BGP session to the peer so that the new policies are enabled. |
|
R1 |
Display the policy configurations. |
|
R1 |
Display the BGP configuration for eBGP neighbor 88.88.88.2. |
|
R4 |
Create a list of AS paths to deny. In this case we just have one - AS200. |
|
R4 |
Create a route map rule to deny all AS paths in our list. |
|
R4 |
Create a route map rule to permit all other prefixes. |
|
R4 |
Assign the route map policy created as the export route map policy for AS 300. |
|
R4 |
Commit the configuration. |
|
R4 |
Reset the BGP session to the peer so that the new policies are enabled. |
|
R4 |
Display the policy configurations. |
|
R4 |
Display the BGP configuration for eBGP neighbor 99.99.99.2. |
|