User Tools
tech:network:cisco:bgp:bgp:route-filtering:route-filtering
Table of Contents
BGP: Route Filtering
Topology
IP
Project name: ccna-bgp33-route-filtering-1
- R1
enable configure terminal ! hostname R1 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 1.1.1.1 255.255.255.0 no shutdown exit interface GigabitEthernet 0/0 ip address 100.1.2.1 255.255.255.0 no shutdown exit interface GigabitEthernet 0/1 ip address 100.1.3.1 255.255.255.0 no shutdown exit interface GigabitEthernet 0/2 ip address 100.1.4.1 255.255.255.0 no shutdown exit ! end write
- R2
enable configure terminal ! hostname R2 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 2.2.2.2 255.255.255.0 no shutdown exit interface GigabitEthernet 0/0 ip address 100.1.2.2 255.255.255.0 no shutdown exit ! end write
- R3
enable configure terminal ! hostname R3 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 3.3.3.3 255.255.255.0 no shutdown exit interface GigabitEthernet 0/0 ip address 100.1.3.3 255.255.255.0 no shutdown exit ! end write
- R4
enable configure terminal ! hostname R4 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 4.4.4.4 255.255.255.0 no shutdown exit interface GigabitEthernet 0/0 ip address 100.1.4.4 255.255.255.0 no shutdown exit ! end write
Basic Routing & BGP Configuration
- R1
configure terminal ! ip route 0.0.0.0 0.0.0.0 100.1.4.4 ! router bgp 1 network 1.1.1.0 mask 255.255.255.0 neighbor 100.1.2.2 remote-as 2 neighbor 100.1.3.3 remote-as 3 exit ! end
- R2
configure terminal ! router bgp 2 network 2.2.2.0 mask 255.255.255.0 neighbor 100.1.2.1 remote-as 1 exit ! end
- R3
configure terminal ! router bgp 3 network 3.3.3.0 mask 255.255.255.0 neighbor 100.1.3.1 remote-as 1 exit ! end
- R4
configure terminal ! ip route 0.0.0.0 0.0.0.0 100.1.4.1 ! end
show ip bgp neighbors | include BGP state show ip bgp show ip route ping 1.1.1.1 source 2.2.2.2 ping 3.3.3.3 source 2.2.2.2 ping 1.1.1.1 source 3.3.3.3 ping 2.2.2.2 source 3.3.3.3 ping 4.4.4.4
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#!
R1(config)#ip route 0.0.0.0 0.0.0.0 100.1.4.4
R1(config)#!
R1(config)#router bgp 1
R1(config-router)#network 1.1.1.0 mask 255.255.255.0
R1(config-router)#neighbor 100.1.2.2 remote-as 2
R1(config-router)#neighbor 100.1.3.3 remote-as 3
R1(config-router)#exit
R1(config)#!
R1(config)#end
R1#
*Feb 21 23:14:58.061: %SYS-5-CONFIG_I: Configured from console by console
R1#
*Feb 21 23:15:07.080: %BGP-5-ADJCHANGE: neighbor 100.1.2.2 Up
R1#
*Feb 21 23:15:08.133: %BGP-5-ADJCHANGE: neighbor 100.1.3.3 Up
R1#sh ip bgp neighbor
R1#sh ip bgp neighbors | in
R1#sh ip bgp neighbors | include BGP state
BGP state = Established, up for 00:03:00
BGP state = Established, up for 00:02:59
R1#sh ip bgp
BGP table version is 4, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 0.0.0.0 0 32768 i
*> 2.2.2.0/24 100.1.2.2 0 0 2 i
*> 3.3.3.0/24 100.1.3.3 0 0 3 i
R1#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is 100.1.4.4 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 100.1.4.4
1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 1.1.1.0/24 is directly connected, Loopback1
L 1.1.1.1/32 is directly connected, Loopback1
2.0.0.0/24 is subnetted, 1 subnets
B 2.2.2.0 [20/0] via 100.1.2.2, 00:04:32
3.0.0.0/24 is subnetted, 1 subnets
B 3.3.3.0 [20/0] via 100.1.3.3, 00:04:31
100.0.0.0/8 is variably subnetted, 6 subnets, 2 masks
C 100.1.2.0/24 is directly connected, GigabitEthernet0/0
L 100.1.2.1/32 is directly connected, GigabitEthernet0/0
C 100.1.3.0/24 is directly connected, GigabitEthernet0/1
L 100.1.3.1/32 is directly connected, GigabitEthernet0/1
C 100.1.4.0/24 is directly connected, GigabitEthernet0/2
L 100.1.4.1/32 is directly connected, GigabitEthernet0/2
R1#ping 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 3/4/6 ms
R1#ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 3/4/7 ms
R1#ping 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/4/7 ms
R1#
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#!
R2(config)#router bgp 2
R2(config-router)#network 2.2.2.0 mask 255.255.255.0
R2(config-router)#neighbor 100.1.2.1 remote-as 1
R2(config-router)#exit
R2(config)#!
R2(config)#end
R2#
*Feb 21 23:15:02.788: %SYS-5-CONFIG_I: Configured from console by console
R2#
*Feb 21 23:15:06.878: %BGP-5-ADJCHANGE: neighbor 100.1.2.1 Up
R2#sh ip bgp neighbor
R2#sh ip bgp neighbors | in
R2#sh ip bgp neighbors | include BGP state
BGP state = Established, up for 00:03:00
R2#sh ip bgp
BGP table version is 4, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 100.1.2.1 0 0 1 i
*> 2.2.2.0/24 0.0.0.0 0 32768 i
*> 3.3.3.0/24 100.1.2.1 0 1 3 i
R2#ping 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
.
Success rate is 0 percent (0/1)
R2#ping 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
..
Success rate is 0 percent (0/2)
R2#sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 100.1.2.1, 00:05:29
2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 2.2.2.0/24 is directly connected, Loopback1
L 2.2.2.2/32 is directly connected, Loopback1
3.0.0.0/24 is subnetted, 1 subnets
B 3.3.3.0 [20/0] via 100.1.2.1, 00:04:59
100.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 100.1.2.0/24 is directly connected, GigabitEthernet0/0
L 100.1.2.2/32 is directly connected, GigabitEthernet0/0
R2#sh ip bgp
BGP table version is 4, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 100.1.2.1 0 0 1 i
*> 2.2.2.0/24 0.0.0.0 0 32768 i
*> 3.3.3.0/24 100.1.2.1 0 1 3 i
R2#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
R2#ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
...
Success rate is 0 percent (0/3)
R2#ping 3.3.3.3 source 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
Packet sent with a source address of 2.2.2.2
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 5/5/6 ms
R2#sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 100.1.2.1, 00:07:32
2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 2.2.2.0/24 is directly connected, Loopback1
L 2.2.2.2/32 is directly connected, Loopback1
3.0.0.0/24 is subnetted, 1 subnets
B 3.3.3.0 [20/0] via 100.1.2.1, 00:07:02
100.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 100.1.2.0/24 is directly connected, GigabitEthernet0/0
L 100.1.2.2/32 is directly connected, GigabitEthernet0/0
R2#
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#!
R3(config)#router bgp 3
R3(config-router)#network 3.3.3.0 mask 255.255.255.0
R3(config-router)#neighbor 100.1.3.1 remote-as 1
R3(config-router)#exit
R3(config)#!
R3(config)#end
R3#
*Feb 21 23:15:08.054: %SYS-5-CONFIG_I: Configured from console by console
*Feb 21 23:15:08.160: %BGP-5-ADJCHANGE: neighbor 100.1.3.1 Up
R3#sh ip bgp neighbor
R3#sh ip bgp neighbors | in
R3#sh ip bgp neighbors | include BGP state
BGP state = Established, up for 00:02:59
R3#sh ip bgp
BGP table version is 4, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 100.1.3.1 0 0 1 i
*> 2.2.2.0/24 100.1.3.1 0 1 2 i
*> 3.3.3.0/24 0.0.0.0 0 32768 i
R3#ping 1.1.1.1 s
R3#ping 1.1.1.1 s
R3#ping 1.1.1.1 so
R3#ping 1.1.1.1 so 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 3.3.3.3
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/6 ms
R3#ping 2.2.2.2 so 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 3.3.3.3
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 5/5/6 ms
R3#ping 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R3#sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 100.1.3.1, 00:07:37
2.0.0.0/24 is subnetted, 1 subnets
B 2.2.2.0 [20/0] via 100.1.3.1, 00:07:37
3.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 3.3.3.0/24 is directly connected, Loopback1
L 3.3.3.3/32 is directly connected, Loopback1
100.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 100.1.3.0/24 is directly connected, GigabitEthernet0/0
L 100.1.3.3/32 is directly connected, GigabitEthernet0/0
R3#
R4#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#!
R4(config)#ip route 0.0.0.0 0.0.0.0 100.1.4.1
R4(config)#!
R4(config)#end
R4#
*Feb 21 23:15:16.610: %SYS-5-CONFIG_I: Configured from console by console
R4#sh ip bgp neighbor
R4#sh ip bgp neighbors | in
R4#sh ip bgp neighbors | include BGP state
R4#sh ip bgp
% BGP not active
R4#sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is 100.1.4.1 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 100.1.4.1
4.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 4.4.4.0/24 is directly connected, Loopback1
L 4.4.4.4/32 is directly connected, Loopback1
100.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 100.1.4.0/24 is directly connected, GigabitEthernet0/0
L 100.1.4.4/32 is directly connected, GigabitEthernet0/0
R4#
Advertise Default Route
configure terminal ! router bgp 1 redistribute static default-information originate exit ! end
R1#conf t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#router bgp 1 R1(config-router)#defa R1(config-router)#default-i R1(config-router)#default-information ori R1(config-router)#default-information originate R1(config-router)#red R1(config-router)#redistribute sta R1(config-router)#redistribute static
R2#sh ip bgp
BGP table version is 5, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 100.1.2.1 0 0 1 ?
*> 1.1.1.0/24 100.1.2.1 0 0 1 i
*> 2.2.2.0/24 0.0.0.0 0 32768 i
*> 3.3.3.0/24 100.1.2.1 0 1 3 i
R2#ping 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 5/5/6 ms
R2#sh ip ro bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is 100.1.2.1 to network 0.0.0.0
B* 0.0.0.0/0 [20/0] via 100.1.2.1, 00:01:34
1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 100.1.2.1, 00:13:19
3.0.0.0/24 is subnetted, 1 subnets
B 3.3.3.0 [20/0] via 100.1.2.1, 00:12:48
R3#sh ip bgp
BGP table version is 5, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 100.1.3.1 0 0 1 ?
*> 1.1.1.0/24 100.1.3.1 0 0 1 i
*> 2.2.2.0/24 100.1.3.1 0 1 2 i
*> 3.3.3.0/24 0.0.0.0 0 32768 i
R3#sh ip ro bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is 100.1.3.1 to network 0.0.0.0
B* 0.0.0.0/0 [20/0] via 100.1.3.1, 00:01:28
1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 100.1.3.1, 00:13:12
2.0.0.0/24 is subnetted, 1 subnets
B 2.2.2.0 [20/0] via 100.1.3.1, 00:13:12
R4#sh ip ro
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is 100.1.4.1 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 100.1.4.1
4.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 4.4.4.0/24 is directly connected, Loopback1
L 4.4.4.4/32 is directly connected, Loopback1
100.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 100.1.4.0/24 is directly connected, GigabitEthernet0/0
L 100.1.4.4/32 is directly connected, GigabitEthernet0/0
R4#ping 2.2.2.2 source 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/5/6 ms
R4#ping 3.3.3.3 source 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 5/5/6 ms
R1(config-router)#no default-information originate R1(config-router)#do clear ip bgp * soft
R2#sh ip ro bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 100.1.2.1, 00:14:47
3.0.0.0/24 is subnetted, 1 subnets
B 3.3.3.0 [20/0] via 100.1.2.1, 00:14:16
R2#ping 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R1(config-router)#default-information originate
R2#sh ip ro bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is 100.1.2.1 to network 0.0.0.0
B* 0.0.0.0/0 [20/0] via 100.1.2.1, 00:00:25
1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 100.1.2.1, 00:15:28
3.0.0.0/24 is subnetted, 1 subnets
B 3.3.3.0 [20/0] via 100.1.2.1, 00:14:57
R1(config-router)#no redistribute static R1(config-router)#do clear ip bgp * soft
R2#sh ip ro bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is 100.1.2.1 to network 0.0.0.0
B* 0.0.0.0/0 [20/0] via 100.1.2.1, 00:00:28
1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 100.1.2.1, 00:15:31
3.0.0.0/24 is subnetted, 1 subnets
B 3.3.3.0 [20/0] via 100.1.2.1, 00:15:00
R2#sh ip ro bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 100.1.2.1, 00:15:40
3.0.0.0/24 is subnetted, 1 subnets
B 3.3.3.0 [20/0] via 100.1.2.1, 00:15:09
configure terminal ! router bgp 1 redistribute static neighbor 100.1.2.2 default-originate exit ! end
R1(config-router)#neighbor 100.1.2.2 default-originate R1(config-router)#do clear ip bgp * soft
R2#sh ip bgp
BGP table version is 11, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 100.1.2.1 0 1 i
*> 1.1.1.0/24 100.1.2.1 0 0 1 i
*> 2.2.2.0/24 0.0.0.0 0 32768 i
*> 3.3.3.0/24 100.1.2.1 0 1 3 i
R2#sh ip ro bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is 100.1.2.1 to network 0.0.0.0
B* 0.0.0.0/0 [20/0] via 100.1.2.1, 00:00:13
1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 100.1.2.1, 00:24:16
3.0.0.0/24 is subnetted, 1 subnets
B 3.3.3.0 [20/0] via 100.1.2.1, 00:23:45
R3#sh ip bgp
BGP table version is 10, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 100.1.3.1 0 0 1 i
*> 2.2.2.0/24 100.1.3.1 0 1 2 i
*> 3.3.3.0/24 0.0.0.0 0 32768 i
R3#sh ip ro bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 100.1.3.1, 00:24:25
2.0.0.0/24 is subnetted, 1 subnets
B 2.2.2.0 [20/0] via 100.1.3.1, 00:24:25
R4#ping 3.3.3.3 source 4.4.4.4 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds: Packet sent with a source address of 4.4.4.4 ..... Success rate is 0 percent (0/5) R4#ping 2.2.2.2 source 4.4.4.4 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds: Packet sent with a source address of 4.4.4.4 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 5/6/8 ms
Topology
R1 not have directly configured default route verification (R1 advertised default route from R4)
IP
Project name: ccna-bgp33-route-filtering-2
- R1
enable configure terminal ! hostname R1 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 1.1.1.1 255.255.255.0 no shutdown exit interface GigabitEthernet 0/0 ip address 100.1.2.1 255.255.255.0 no shutdown exit interface GigabitEthernet 0/1 ip address 100.1.3.1 255.255.255.0 no shutdown exit interface GigabitEthernet 0/2 ip address 100.1.4.1 255.255.255.0 no shutdown exit ! end write
- R2
enable configure terminal ! hostname R2 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 2.2.2.2 255.255.255.0 no shutdown exit interface GigabitEthernet 0/0 ip address 100.1.2.2 255.255.255.0 no shutdown exit ! end write
- R3
enable configure terminal ! hostname R3 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 3.3.3.3 255.255.255.0 no shutdown exit interface GigabitEthernet 0/0 ip address 100.1.3.3 255.255.255.0 no shutdown exit ! end write
- R4
enable configure terminal ! hostname R4 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 4.4.4.4 255.255.255.0 no shutdown exit interface GigabitEthernet 0/0 ip address 100.1.4.4 255.255.255.0 no shutdown exit interface GigabitEthernet 0/1 ip address 100.4.5.4 255.255.255.0 no shutdown exit ! end write
- R5
enable configure terminal ! hostname R5 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 5.5.5.5 255.255.255.0 no shutdown exit interface GigabitEthernet 0/0 ip address 100.4.5.5 255.255.255.0 no shutdown exit ! end write
Basic Routing & BGP Configuration
- R1
configure terminal ! router bgp 1 network 1.1.1.0 mask 255.255.255.0 neighbor 100.1.2.2 remote-as 2 neighbor 100.1.3.3 remote-as 3 neighbor 100.1.4.4 remote-as 4 exit ! end
- R2
configure terminal ! router bgp 2 network 2.2.2.0 mask 255.255.255.0 neighbor 100.1.2.1 remote-as 1 exit ! end
- R3
configure terminal ! router bgp 3 network 3.3.3.0 mask 255.255.255.0 neighbor 100.1.3.1 remote-as 1 exit ! end
- R4
configure terminal ! ip route 0.0.0.0 0.0.0.0 100.4.5.5 ! router bgp 4 network 4.4.4.0 mask 255.255.255.0 neighbor 100.1.4.1 remote-as 1 exit ! end
- R5
configure terminal ! ip route 0.0.0.0 0.0.0.0 100.4.5.4 ! end
Advertise Default Route from R4 via R1
- R4
configure terminal ! router bgp 4 redistribute static ! default-information originate ! or neighbor 100.1.4.1 default-originate exit ! end
- R1
configure terminal ! router bgp 1 network 4.4.4.0 mask 255.255.255.0 default-information originate exit ! end
R4(config)#router bgp 4 R4(config-router)#redi R4(config-router)#redistribute sta R4(config-router)#redistribute static R4(config-router)#defau R4(config-router)#default-in R4(config-router)#default-information ori R4(config-router)#default-information originate
R1#sh ip ro bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is not set
2.0.0.0/24 is subnetted, 1 subnets
B 2.2.2.0 [20/0] via 100.1.2.2, 00:04:30
3.0.0.0/24 is subnetted, 1 subnets
B 3.3.3.0 [20/0] via 100.1.3.3, 00:04:30
4.0.0.0/24 is subnetted, 1 subnets
B 4.4.4.0 [20/0] via 100.1.4.4, 00:04:30
R1#sh ip bgp
BGP table version is 6, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 100.1.4.4 0 0 4 ?
*> 1.1.1.0/24 0.0.0.0 0 32768 i
*> 2.2.2.0/24 100.1.2.2 0 0 2 i
*> 3.3.3.0/24 100.1.3.3 0 0 3 i
*> 4.4.4.0/24 100.1.4.4 0 0 4 i
R2#sh ip ro bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
Gateway of last resort is 100.1.2.1 to network 0.0.0.0
B* 0.0.0.0/0 [20/0] via 100.1.2.1, 00:02:43
1.0.0.0/24 is subnetted, 1 subnets
B 1.1.1.0 [20/0] via 100.1.2.1, 00:07:28
3.0.0.0/24 is subnetted, 1 subnets
B 3.3.3.0 [20/0] via 100.1.2.1, 00:07:28
4.0.0.0/24 is subnetted, 1 subnets
B 4.4.4.0 [20/0] via 100.1.2.1, 00:07:28
R2#ping 5.5.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R2#ping 5.5.5.5 source 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 2.2.2.2
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 5/6/8 ms
hmmm????
R4(config-router)#no default-information originate R4(config-router)#neigh R4(config-router)#do clear ip bgp * soft R4(config-router)#neigh R4(config-router)#neighbor 100.1.4.1 defau R4(config-router)#neighbor 100.1.4.1 default-originate R4(config-router)#do clear ip bgp * soft R4(config-router)#
R1#sh ip bgp
BGP table version is 8, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 100.1.4.4 0 4 i
*> 1.1.1.0/24 0.0.0.0 0 32768 i
*> 2.2.2.0/24 100.1.2.2 0 0 2 i
*> 3.3.3.0/24 100.1.3.3 0 0 3 i
*> 4.4.4.0/24 100.1.4.4 0 0 4 i
R2#ping 5.5.5.5 source 2.2.2.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds: Packet sent with a source address of 2.2.2.2 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 6/7/8 ms
i can't understand…
reset lab!!!!!!!
R1#conf t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#router bgp 1 R1(config-router)#defaut R1(config-router)#default R1(config-router)#default-in R1(config-router)#default-information ori R1(config-router)#default-information originate R1(config-router)#redi R1(config-router)#redistribute sta R1(config-router)#redistribute static R1(config-router)#do clear ip bgp * soft
R2#sh ip bgp
BGP table version is 5, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 100.1.2.1 0 0 1 i
*> 2.2.2.0/24 0.0.0.0 0 32768 i
*> 3.3.3.0/24 100.1.2.1 0 1 3 i
*> 4.4.4.0/24 100.1.2.1 0 1 4 i
OK, I will understan this meaning at a later time.
Topology
IP
Project name: ccna-bgp33-route-filtering-3
- R1
enable configure terminal ! hostname R1 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 1.1.1.1 255.255.255.0 no shutdown exit interface GigabitEthernet 0/0 ip address 50.1.2.1 255.255.255.0 no shutdown exit interface GigabitEthernet 0/1 ip address 50.1.4.1 255.255.255.0 no shutdown exit ! end write
- R2
enable configure terminal ! hostname R2 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 2.2.2.2 255.255.255.0 no shutdown exit interface GigabitEthernet 0/0 ip address 10.2.6.2 255.255.255.0 no shutdown exit interface GigabitEthernet 0/1 ip address 50.1.2.2 255.255.255.0 no shutdown exit interface GigabitEthernet 0/2 ip address 10.2.7.2 255.255.255.0 no shutdown exit ! end write
- R3
enable configure terminal ! hostname R3 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 3.3.3.3 255.255.255.0 no shutdown exit interface GigabitEthernet 0/0 ip address 50.3.7.3 255.255.255.0 no shutdown exit ! end write
- R4
enable configure terminal ! hostname R4 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 4.4.4.4 255.255.255.0 no shutdown exit interface GigabitEthernet 0/0 ip address 10.4.5.4 255.255.255.0 no shutdown exit interface GigabitEthernet 0/1 ip address 50.1.4.4 255.255.255.0 no shutdown exit ! end write
- R5
enable configure terminal ! hostname R5 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 5.5.5.5 255.255.255.0 no shutdown exit interface GigabitEthernet 0/0 ip address 50.5.6.5 255.255.255.0 no shutdown exit interface GigabitEthernet 0/1 ip address 10.4.5.5 255.255.255.0 no shutdown exit ! end write
- R6
enable configure terminal ! hostname R6 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 6.6.6.6 255.255.255.0 no shutdown exit interface GigabitEthernet 0/0 ip address 10.6.7.6 255.255.255.0 no shutdown exit interface GigabitEthernet 0/1 ip address 50.5.6.6 255.255.255.0 no shutdown exit interface GigabitEthernet 0/2 ip address 10.2.6.6 255.255.255.0 no shutdown exit ! end write
- R7
enable configure terminal ! hostname R7 no ip domain-lookup line console 0 exec-timeout 0 0 logging synchronous exit ! interface Loopback 1 ip address 7.7.7.7 255.255.255.0 no shutdown exit interface GigabitEthernet 0/0 ip address 50.3.7.7 255.255.255.0 no shutdown exit interface GigabitEthernet 0/1 ip address 10.6.7.7 255.255.255.0 no shutdown exit interface GigabitEthernet 0/2 ip address 10.2.7.7 255.255.255.0 no shutdown exit ! end write
Basic BGP Configuration
- R1
configure terminal ! router bgp 100 network 1.1.1.0 mask 255.255.255.0 neighbor 50.1.2.2 remote-as 200 neighbor 50.1.4.4 remote-as 400 exit ! end
- R2
configure terminal ! router bgp 200 network 2.2.2.0 mask 255.255.255.0 neighbor 50.1.2.1 remote-as 100 neighbor 10.2.6.6 remote-as 200 neighbor 10.2.6.6 next-hop-self neighbor 10.2.7.7 remote-as 200 neighbor 10.2.7.7 next-hop-self exit ! end
- R3
configure terminal ! router bgp 300 network 3.3.3.0 mask 255.255.255.0 neighbor 50.3.7.7 remote-as 200 exit ! end
- R4
configure terminal ! router bgp 400 network 4.4.4.0 mask 255.255.255.0 neighbor 50.1.4.1 remote-as 100 neighbor 10.4.5.5 remote-as 400 neighbor 10.4.5.5 next-hop-self exit ! end
- R5
configure terminal ! router bgp 400 network 5.5.5.0 mask 255.255.255.0 neighbor 50.5.6.6 remote-as 200 neighbor 10.4.5.4 remote-as 400 neighbor 10.4.5.4 next-hop-self exit ! end
- R6
configure terminal ! router bgp 200 network 6.6.6.0 mask 255.255.255.0 neighbor 50.5.6.5 remote-as 400 neighbor 10.2.6.2 remote-as 200 neighbor 10.2.6.2 next-hop-self neighbor 10.6.7.7 remote-as 200 neighbor 10.6.7.7 next-hop-self exit ! end
- R7
configure terminal ! router bgp 200 network 7.7.7.0 mask 255.255.255.0 neighbor 50.3.7.3 remote-as 300 neighbor 10.6.7.6 remote-as 200 neighbor 10.6.7.6 next-hop-self neighbor 10.2.7.2 remote-as 200 neighbor 10.2.7.2 next-hop-self exit ! end
show ip bgp neighbors | include BGP state show ip bgp ping 2.2.2.2 source 1.1.1.1 ping 3.3.3.3 source 1.1.1.1 ping 4.4.4.4 source 1.1.1.1 ping 5.5.5.5 source 1.1.1.1 ping 6.6.6.6 source 1.1.1.1 ping 7.7.7.7 source 1.1.1.1 traceroute 2.2.2.2 source 1.1.1.1 traceroute 3.3.3.3 source 1.1.1.1 traceroute 4.4.4.4 source 1.1.1.1 traceroute 5.5.5.5 source 1.1.1.1 traceroute 6.6.6.6 source 1.1.1.1 traceroute 7.7.7.7 source 1.1.1.1
R1#show ip bgp
BGP table version is 9, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 0.0.0.0 0 32768 i
* 2.2.2.0/24 50.1.4.4 0 400 200 i
*> 50.1.2.2 0 0 200 i
*> 3.3.3.0/24 50.1.2.2 0 200 300 i
* 50.1.4.4 0 400 200 300 i
* 4.4.4.0/24 50.1.2.2 0 200 400 i
*> 50.1.4.4 0 0 400 i
* 5.5.5.0/24 50.1.2.2 0 200 400 i
*> 50.1.4.4 0 400 i
* 6.6.6.0/24 50.1.4.4 0 400 200 i
*> 50.1.2.2 0 200 i
* 7.7.7.0/24 50.1.4.4 0 400 200 i
*> 50.1.2.2 0 200 i
R1#ping 2.2.2.2 source 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/5/9 ms
R1#ping 3.3.3.3 source 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 7/8/10 ms
R1#ping 4.4.4.4 source 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/6/10 ms
R1#ping 5.5.5.5 source 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 5/6/8 ms
R1#ping 6.6.6.6 source 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 6.6.6.6, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/6/8 ms
R1#ping 7.7.7.7 source 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 7/8/13 ms
R1#traceroute 2.2.2.2 source 1.1.1.1
Type escape sequence to abort.
Tracing the route to 2.2.2.2
VRF info: (vrf in name/id, vrf out name/id)
1 50.1.2.2 5 msec 6 msec 6 msec
R1#traceroute 3.3.3.3 source 1.1.1.1
Type escape sequence to abort.
Tracing the route to 3.3.3.3
VRF info: (vrf in name/id, vrf out name/id)
1 50.1.2.2 4 msec 5 msec 5 msec
2 10.2.7.7 6 msec 12 msec 12 msec
3 50.3.7.3 11 msec 8 msec 9 msec
R1#traceroute 4.4.4.4 source 1.1.1.1
Type escape sequence to abort.
Tracing the route to 4.4.4.4
VRF info: (vrf in name/id, vrf out name/id)
1 50.1.4.4 5 msec 6 msec 4 msec
R1#traceroute 5.5.5.5 source 1.1.1.1
Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
1 50.1.4.4 6 msec 4 msec 9 msec
2 10.4.5.5 9 msec 6 msec 5 msec
R1#traceroute 6.6.6.6 source 1.1.1.1
Type escape sequence to abort.
Tracing the route to 6.6.6.6
VRF info: (vrf in name/id, vrf out name/id)
1 50.1.2.2 4 msec 8 msec 6 msec
2 10.2.6.6 6 msec 7 msec 8 msec
R1#traceroute 7.7.7.7 source 1.1.1.1
Type escape sequence to abort.
Tracing the route to 7.7.7.7
VRF info: (vrf in name/id, vrf out name/id)
1 50.1.2.2 4 msec 4 msec 4 msec
2 10.2.7.7 6 msec 6 msec 6 msec
Router Filtering Configuration & Verification distribute-list
R1#sh ip bgp
BGP table version is 9, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 0.0.0.0 0 32768 i
* 2.2.2.0/24 50.1.4.4 0 400 200 i
*> 50.1.2.2 0 0 200 i
* 3.3.3.0/24 50.1.4.4 0 400 200 300 i
*> 50.1.2.2 0 200 300 i
* 4.4.4.0/24 50.1.2.2 0 200 400 i
*> 50.1.4.4 0 0 400 i
*> 5.5.5.0/24 50.1.4.4 0 400 i
* 50.1.2.2 0 200 400 i
* 6.6.6.0/24 50.1.4.4 0 400 200 i
*> 50.1.2.2 0 200 i
* 7.7.7.0/24 50.1.4.4 0 400 200 i
*> 50.1.2.2 0 200 i
- R2
configure terminal ! access-list 1 permit 3.3.3.3 0.0.0.255 ! router bgp 200 neighbor 50.1.2.1 distribute-list 1 out exit ! end
- R2
clear ip bgp 50.1.2.1 soft out
clear ip bgp 50.1.2.1 soft out
R1#sh ip bgp
BGP table version is 12, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 0.0.0.0 0 32768 i
*> 2.2.2.0/24 50.1.4.4 0 400 200 i
* 3.3.3.0/24 50.1.4.4 0 400 200 300 i
*> 50.1.2.2 0 200 300 i
*> 4.4.4.0/24 50.1.4.4 0 0 400 i
*> 5.5.5.0/24 50.1.4.4 0 400 i
*> 6.6.6.0/24 50.1.4.4 0 400 200 i
*> 7.7.7.0/24 50.1.4.4 0 400 200 i
R1#traceroute 7.7.7.7 source 1.1.1.1
Type escape sequence to abort.
Tracing the route to 7.7.7.7
VRF info: (vrf in name/id, vrf out name/id)
1 50.1.4.4 9 msec 5 msec 4 msec
2 10.4.5.5 7 msec 9 msec 5 msec
3 50.5.6.6 7 msec 6 msec 8 msec
4 10.6.7.7 7 msec 8 msec 9 msec
Router Filtering Configuration & Verification prefix-list
R1#sh ip bgp
BGP table version is 18, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 0.0.0.0 0 32768 i
* 2.2.2.0/24 50.1.4.4 0 400 200 i
*> 50.1.2.2 0 0 200 i
*> 3.3.3.0/24 50.1.2.2 0 200 300 i
* 50.1.4.4 0 400 200 300 i
* 4.4.4.0/24 50.1.2.2 0 200 400 i
*> 50.1.4.4 0 0 400 i
* 5.5.5.0/24 50.1.2.2 0 200 400 i
*> 50.1.4.4 0 400 i
*> 6.6.6.0/24 50.1.2.2 0 200 i
* 50.1.4.4 0 400 200 i
*> 7.7.7.0/24 50.1.2.2 0 200 i
* 50.1.4.4 0 400 200 i
- R4
configure terminal ! ip prefix-list PRE01 permit 7.7.7.7/24 ! router bgp 400 neighbor 50.1.4.1 prefix-list PRE01 out exit ! end
- R4
clear ip bgp 50.1.4.1 soft out
R1#sh ip bgp
BGP table version is 20, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 0.0.0.0 0 32768 i
*> 2.2.2.0/24 50.1.2.2 0 0 200 i
*> 3.3.3.0/24 50.1.2.2 0 200 300 i
*> 4.4.4.0/24 50.1.2.2 0 200 400 i
*> 5.5.5.0/24 50.1.2.2 0 200 400 i
*> 6.6.6.0/24 50.1.2.2 0 200 i
*> 7.7.7.0/24 50.1.2.2 0 200 i
* 50.1.4.4 0 400 200 i
R1#traceroute 4.4.4.4 source 1.1.1.1
Type escape sequence to abort.
Tracing the route to 4.4.4.4
VRF info: (vrf in name/id, vrf out name/id)
1 50.1.2.2 10 msec 5 msec 4 msec
2 10.2.6.6 7 msec 7 msec 10 msec
3 50.5.6.5 7 msec 5 msec 8 msec
4 10.4.5.4 9 msec 7 msec 6 msec
Router Filtering Configuration & Verification filter-list
R5#sh ip bgp
BGP table version is 8, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 1.1.1.0/24 50.5.6.6 0 200 100 i
*>i 10.4.5.4 0 100 0 100 i
*> 2.2.2.0/24 50.5.6.6 0 200 i
*> 3.3.3.0/24 50.5.6.6 0 200 300 i
*>i 4.4.4.0/24 10.4.5.4 0 100 0 i
*> 5.5.5.0/24 0.0.0.0 0 32768 i
*> 6.6.6.0/24 50.5.6.6 0 0 200 i
*> 7.7.7.0/24 50.5.6.6 0 200 i
- R5 or R2
configure terminal ! ip as-path access-list 1 permit ^100_ ! ip as-path access-list 2 permit _200^ ! ip as-path access-list 3 permit ^$ ! ip as-path access-list 4 deny ^200_ ip as-path access-list 4 permit .* ! end
configure terminal ! router bgp 400 neighbor 50.5.6.6 filter-list 1 in exit ! end
clear ip bgp 50.5.6.6 soft in
R5#sh ip as-path-access-list
AS path access list 1
permit ^100_
AS path access list 2
permit _200^
AS path access list 3
permit ^$
AS path access list 4
deny ^200_
permit .*
R5#sh ip bgp
BGP table version is 16, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 1.1.1.0/24 10.4.5.4 0 100 0 100 i
*>i 2.2.2.0/24 10.4.5.4 0 100 0 100 200 i
*>i 3.3.3.0/24 10.4.5.4 0 100 0 100 200 300 i
*>i 4.4.4.0/24 10.4.5.4 0 100 0 i
*> 5.5.5.0/24 0.0.0.0 0 32768 i
*>i 6.6.6.0/24 10.4.5.4 0 100 0 100 200 i
*>i 7.7.7.0/24 10.4.5.4 0 100 0 100 200 i
R5#traceroute 3.3.3.3 source 5.5.5.5 Type escape sequence to abort. Tracing the route to 3.3.3.3 VRF info: (vrf in name/id, vrf out name/id) 1 10.4.5.4 7 msec 4 msec 3 msec 2 50.1.4.1 7 msec 6 msec 7 msec 3 50.1.2.2 7 msec 9 msec 6 msec 4 10.2.7.7 8 msec 6 msec 10 msec 5 50.3.7.3 17 msec 7 msec 8 msec
show ip bgp regexp ^200_ show ip bgp regexp _300$ show ip bgp regexp ^$ show ip bgp regexp .*
R5(config-router)#do sh ip bgp regexp ^200_
BGP table version is 20, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 1.1.1.0/24 50.5.6.6 0 200 100 i
*> 2.2.2.0/24 50.5.6.6 0 200 i
*> 3.3.3.0/24 50.5.6.6 0 200 300 i
*> 6.6.6.0/24 50.5.6.6 0 0 200 i
*> 7.7.7.0/24 50.5.6.6 0 200 i
R5(config-router)#do sh ip bgp regexp _300$
BGP table version is 20, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 3.3.3.0/24 50.5.6.6 0 200 300 i
R5#show ip bgp regexp ^$
BGP table version is 20, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 4.4.4.0/24 10.4.5.4 0 100 0 i
*> 5.5.5.0/24 0.0.0.0 0 32768 i
R5#show ip bgp regexp .*
BGP table version is 20, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 1.1.1.0/24 50.5.6.6 0 200 100 i
*>i 10.4.5.4 0 100 0 100 i
*> 2.2.2.0/24 50.5.6.6 0 200 i
*> 3.3.3.0/24 50.5.6.6 0 200 300 i
*>i 4.4.4.0/24 10.4.5.4 0 100 0 i
*> 5.5.5.0/24 0.0.0.0 0 32768 i
*> 6.6.6.0/24 50.5.6.6 0 0 200 i
*> 7.7.7.0/24 50.5.6.6 0 200 i
show ip bgp filter-list 1
R5#show ip bgp regexp .*
BGP table version is 20, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* 1.1.1.0/24 50.5.6.6 0 200 100 i
*>i 10.4.5.4 0 100 0 100 i
*> 2.2.2.0/24 50.5.6.6 0 200 i
*> 3.3.3.0/24 50.5.6.6 0 200 300 i
*>i 4.4.4.0/24 10.4.5.4 0 100 0 i
*> 5.5.5.0/24 0.0.0.0 0 32768 i
*> 6.6.6.0/24 50.5.6.6 0 0 200 i
*> 7.7.7.0/24 50.5.6.6 0 200 i
R5#show ip bgp filter-list 4
BGP table version is 20, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 1.1.1.0/24 10.4.5.4 0 100 0 100 i
*>i 4.4.4.0/24 10.4.5.4 0 100 0 i
*> 5.5.5.0/24 0.0.0.0 0 32768 i
R2#sh ip bgp
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 50.1.2.1 0 0 100 i
*> 2.2.2.0/24 0.0.0.0 0 32768 i
*>i 3.3.3.0/24 10.2.7.7 0 100 0 300 i
*>i 4.4.4.0/24 10.2.6.6 0 100 0 400 i
* 50.1.2.1 0 100 400 i
* 5.5.5.0/24 50.1.2.1 0 100 400 i
*>i 10.2.6.6 0 100 0 400 i
*>i 6.6.6.0/24 10.2.6.6 0 100 0 i
*>i 7.7.7.0/24 10.2.7.7 0 100 0 i
configure terminal ! ip as-path access-list 4 deny ^300_ ip as-path access-list 4 permit .* ! router bgp 200 neighbor 50.5.6.6 filter-list 4 out exit ! end
clear ip bgp 50.5.6.6 soft out
R1#sh ip bgp
BGP table version is 11, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 0.0.0.0 0 32768 i
* 2.2.2.0/24 50.1.4.4 0 400 200 i
*> 50.1.2.2 0 0 200 i
*> 3.3.3.0/24 50.1.2.2 0 200 300 i
* 50.1.4.4 0 400 200 300 i
* 4.4.4.0/24 50.1.2.2 0 200 400 i
*> 50.1.4.4 0 0 400 i
* 5.5.5.0/24 50.1.2.2 0 200 400 i
*> 50.1.4.4 0 400 i
* 6.6.6.0/24 50.1.4.4 0 400 200 i
*> 50.1.2.2 0 200 i
* 7.7.7.0/24 50.1.4.4 0 400 200 i
*> 50.1.2.2 0 200 i
R2(config)#do sh ip bgp
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 50.1.2.1 0 0 100 i
*> 2.2.2.0/24 0.0.0.0 0 32768 i
*>i 3.3.3.0/24 10.2.7.7 0 100 0 300 i
*>i 4.4.4.0/24 10.2.6.6 0 100 0 400 i
* 50.1.2.1 0 100 400 i
* 5.5.5.0/24 50.1.2.1 0 100 400 i
*>i 10.2.6.6 0 100 0 400 i
*>i 6.6.6.0/24 10.2.6.6 0 100 0 i
*>i 7.7.7.0/24 10.2.7.7 0 100 0 i
R2(config)#router bgp 200
R2(config-router)#neigh
R2(config-router)#neighbor 50.1.2.1 filter
R2(config-router)#neighbor 50.1.2.1 filter-list 4
% Incomplete command.
R2(config-router)#exit
R2(config)#no ip as
R2(config)#no ip as-path ac
R2(config)#no ip as-path access-list 4
R2(config)#do sh ip as-path-acce
R2(config)#ip as
R2(config)#ip as-path acc
R2(config)#ip as-path access-list 4 de
R2(config)#ip as-path access-list 4 deny ^300_
R2(config)#ip as-path access-list 4 permit .*
R2(config)#do sh ip as-path-acce
AS path access list 4
deny ^300_
permit .*
R2(config)#do sh ip bgp filter-list 4
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 50.1.2.1 0 0 100 i
*> 2.2.2.0/24 0.0.0.0 0 32768 i
*>i 4.4.4.0/24 10.2.6.6 0 100 0 400 i
* 50.1.2.1 0 100 400 i
* 5.5.5.0/24 50.1.2.1 0 100 400 i
*>i 10.2.6.6 0 100 0 400 i
*>i 6.6.6.0/24 10.2.6.6 0 100 0 i
*>i 7.7.7.0/24 10.2.7.7 0 100 0 i
R2(config)#router bgp 200
R2(config-router)#neigh
R2(config-router)#neighbor 50.1.2.1 filter
R2(config-router)#neighbor 50.1.2.1 filter-list 4 out
R2(config-router)#do sh ip bgp
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 50.1.2.1 0 0 100 i
*> 2.2.2.0/24 0.0.0.0 0 32768 i
*>i 3.3.3.0/24 10.2.7.7 0 100 0 300 i
*>i 4.4.4.0/24 10.2.6.6 0 100 0 400 i
* 50.1.2.1 0 100 400 i
* 5.5.5.0/24 50.1.2.1 0 100 400 i
*>i 10.2.6.6 0 100 0 400 i
*>i 6.6.6.0/24 10.2.6.6 0 100 0 i
*>i 7.7.7.0/24 10.2.7.7 0 100 0 i
R2(config-router)#no neighbor 50.1.2.1 filter-list 4 out
R2(config-router)#do clear ip bgp 50.1.2.1 soft out
R2(config-router)#neighbor 50.1.2.1 filter-list 4 out
R2(config-router)#do clear ip bgp 50.1.2.1 soft out
R2(config-router)#
R1#sh ip bgp
BGP table version is 12, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 0.0.0.0 0 32768 i
* 2.2.2.0/24 50.1.4.4 0 400 200 i
*> 50.1.2.2 0 0 200 i
*> 3.3.3.0/24 50.1.4.4 0 400 200 300 i
* 4.4.4.0/24 50.1.2.2 0 200 400 i
*> 50.1.4.4 0 0 400 i
* 5.5.5.0/24 50.1.2.2 0 200 400 i
*> 50.1.4.4 0 400 i
* 6.6.6.0/24 50.1.4.4 0 400 200 i
*> 50.1.2.2 0 200 i
* 7.7.7.0/24 50.1.4.4 0 400 200 i
*> 50.1.2.2 0 200 i
R1#traceroute 3.3.3.3 source 1.1.1.1 Type escape sequence to abort. Tracing the route to 3.3.3.3 VRF info: (vrf in name/id, vrf out name/id) 1 50.1.4.4 5 msec 5 msec 4 msec 2 10.4.5.5 6 msec 4 msec 7 msec 3 50.5.6.6 7 msec 7 msec 7 msec 4 10.6.7.7 5 msec 13 msec 6 msec 5 50.3.7.3 10 msec 12 msec 12 msec
Advertised routes
show ip bgp neighbors 50.1.2.1 advertised-route
Received routes
show ip bgp neighbors 50.1.2.1 route
R2#sh ip bgp
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 50.1.2.1 0 0 100 i
*> 2.2.2.0/24 0.0.0.0 0 32768 i
*>i 3.3.3.0/24 10.2.7.7 0 100 0 300 i
*>i 4.4.4.0/24 10.2.6.6 0 100 0 400 i
* 50.1.2.1 0 100 400 i
* 5.5.5.0/24 50.1.2.1 0 100 400 i
*>i 10.2.6.6 0 100 0 400 i
*>i 6.6.6.0/24 10.2.6.6 0 100 0 i
*>i 7.7.7.0/24 10.2.7.7 0 100 0 i
R2#sh ip bg
R2#sh ip bgp neigh
R2#sh ip bgp neighbors 50.1.2.1 ?
advertised-routes Display the routes advertised to a BGP neighbor
dampened-routes Display the dampened routes received from neighbor (eBGP
peers only)
flap-statistics Display flap statistics of the routes learned from
neighbor (eBGP peers only)
paths Display AS paths learned from neighbor
policy Display neighbor polices per address-family
received Display information received from a BGP neighbor
received-routes Display the received routes from neighbor
routes Display routes learned from neighbor
| Output modifiers
<cr>
R2#sh ip bgp neighbors 50.1.2.1 ad
R2#sh ip bgp neighbors 50.1.2.1 advertised-routes
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 2.2.2.0/24 0.0.0.0 0 32768 i
*>i 4.4.4.0/24 10.2.6.6 0 100 0 400 i
*>i 5.5.5.0/24 10.2.6.6 0 100 0 400 i
*>i 6.6.6.0/24 10.2.6.6 0 100 0 i
*>i 7.7.7.0/24 10.2.7.7 0 100 0 i
Total number of prefixes 5
R2#sh ip bgp neighbors 50.1.2.1 route
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 50.1.2.1 0 0 100 i
* 4.4.4.0/24 50.1.2.1 0 100 400 i
* 5.5.5.0/24 50.1.2.1 0 100 400 i
Total number of prefixes 3
R2#sh ip bgp neighbors 50.1.2.1 route
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 50.1.2.1 0 0 100 i
* 4.4.4.0/24 50.1.2.1 0 100 400 i
* 5.5.5.0/24 50.1.2.1 0 100 400 i
Total number of prefixes 3
R2#clear ip bgp 50.1.2.1 soft in
R2#sh ip bgp neighbors 50.1.2.1 route
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 50.1.2.1 0 0 100 i
* 4.4.4.0/24 50.1.2.1 0 100 400 i
* 5.5.5.0/24 50.1.2.1 0 100 400 i
Total number of prefixes 3
R2#sh ip bgp neighbors 50.1.2.1 route
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 50.1.2.1 0 0 100 i
* 4.4.4.0/24 50.1.2.1 0 100 400 i
* 5.5.5.0/24 50.1.2.1 0 100 400 i
Total number of prefixes 3
R2#sh ip bgp neighbors 50.1.2.1 route
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 50.1.2.1 0 0 100 i
* 4.4.4.0/24 50.1.2.1 0 100 400 i
* 5.5.5.0/24 50.1.2.1 0 100 400 i
Total number of prefixes 3
R2#sh ip bgp
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 50.1.2.1 0 0 100 i
*> 2.2.2.0/24 0.0.0.0 0 32768 i
*>i 3.3.3.0/24 10.2.7.7 0 100 0 300 i
*>i 4.4.4.0/24 10.2.6.6 0 100 0 400 i
* 50.1.2.1 0 100 400 i
* 5.5.5.0/24 50.1.2.1 0 100 400 i
*>i 10.2.6.6 0 100 0 400 i
*>i 6.6.6.0/24 10.2.6.6 0 100 0 i
*>i 7.7.7.0/24 10.2.7.7 0 100 0 i
Non Transit AS Configuation
- R1
configure terminal ! ip as-path access-list 3 permit ^$ ! router bgp 100 neighbor 50.1.2.2 filter-list 3 out neighbor 50.1.4.4 filter-list 3 out exit ! end
R2#conf t Enter configuration commands, one per line. End with CNTL/Z. R2(config)#router bgp 200 R2(config-router)#no nei R2(config-router)#no neighbor 50.1.2.1 fi R2(config-router)#no neighbor 50.1.2.1 filter-list 4 % Incomplete command. R2(config-router)#no neighbor 50.1.2.1 filter-list 4 out R2(config-router)#
R2#sh ip bgp
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 50.1.2.1 0 0 100 i
*> 2.2.2.0/24 0.0.0.0 0 32768 i
*>i 3.3.3.0/24 10.2.7.7 0 100 0 300 i
*>i 4.4.4.0/24 10.2.6.6 0 100 0 400 i
* 50.1.2.1 0 100 400 i
* 5.5.5.0/24 50.1.2.1 0 100 400 i
*>i 10.2.6.6 0 100 0 400 i
*>i 6.6.6.0/24 10.2.6.6 0 100 0 i
*>i 7.7.7.0/24 10.2.7.7 0 100 0 i
R2 still have via AS 100 routes.
R1#conf t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#router bgp 100 R1(config-router)#ip as R1(config-router)#ip as-pa R1(config-router)#exit R1(config)#ip as-pa R1(config)#ip as-path ac R1(config)#ip as-path access-list 3 per R1(config)#ip as-path access-list 3 permit ^$ R1(config)#router bgp 100 R1(config-router)#neigh R1(config-router)#neighbor 50.1.2.2 fil R1(config-router)#neighbor 50.1.2.2 filter-list 3 out R1(config-router)#neighbor 50.1.4.4 filter-list 3 out R1(config-router)#^Z R1#clear ip *Feb 28 13:49:48.242: %SYS-5-CONFIG_I: Configured from console by console R1#clear ip bgp * soft out
R2#show ip bgp
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 50.1.2.1 0 0 100 i
*> 2.2.2.0/24 0.0.0.0 0 32768 i
*>i 3.3.3.0/24 10.2.7.7 0 100 0 300 i
*>i 4.4.4.0/24 10.2.6.6 0 100 0 400 i
*>i 5.5.5.0/24 10.2.6.6 0 100 0 400 i
*>i 6.6.6.0/24 10.2.6.6 0 100 0 i
*>i 7.7.7.0/24 10.2.7.7 0 100 0 i
R4#show ip bgp
BGP table version is 16, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 50.1.4.1 0 0 100 i
*>i 2.2.2.0/24 10.4.5.5 0 100 0 200 i
*>i 3.3.3.0/24 10.4.5.5 0 100 0 200 300 i
*> 4.4.4.0/24 0.0.0.0 0 32768 i
*>i 5.5.5.0/24 10.4.5.5 0 100 0 i
*>i 6.6.6.0/24 10.4.5.5 0 100 0 200 i
*>i 7.7.7.0/24 10.4.5.5 0 100 0 200 i
Now, R2, R4 BGP table has only AS100 origin route only, across AS100 route is not advertised from AS100.
References
tech/network/cisco/bgp/bgp/route-filtering/route-filtering.txt · Last modified: 2019/02/28 22:54 by wnoguchi
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
