™

Cisco CCNP / BSCI Exam Tutorial: Filtering BGP Updates With Prefix Lists

A significant portion of your BSCI and CCNP Examination achievement is mastering BGP, and that includes filtering BGP routing updates. With this tutorial, we’ll Look into ways to filter BGP updates with prefix lists.

R4 is promoting three networks by means of BGP. The downstream router R3 sees these routes and places them into its BGP table as demonstrated underneath. R3 has two downstream BGP friends, R1 and R2, and is particularly advertising by itself as the subsequent-hop IP address for all BGP routes despatched to These two routers.

R4(config)#router bgp 4

R4(config-router)#community 21.0.0.0 mask 255.0.0.0

R4(config-router)#community 22.0.0.0 mask 255.0.0.0

R4(config-router)#community 23.0.0.0 mask 255.0.0.0

R3#clearly show ip bgp

BGP table version is four, regional router ID is three.three.three.3

Position codes: s suppressed, d damped, h record, * valid, > best, i

Inside

Origin codes: i – IGP, e – EGP, ? incomplete

Community Following Hop Metric LocPrf Weight Route

*> 21.0.0.0 ten.2.two.four 0 0 4 I

*> 22.0.0.0 ten.two.two.4 0 0 4 I

*> 23.0.0.0 ten.two.two.4 0 0 four I

R3(config)#router bgp 123

R3(config-router)#neighbor 172.twelve.123.one following-hop-self

R3(config-router)#neighbor 172.12.123.two subsequent-hop-self

Consequently, the two R1 and R2 have these a few routes within their respective BGP tables.

R2#clearly show ip bgp

BGP table version is 4, local router ID is 2.2.2.2

*>i21.0.0.0 172.twelve.123.3 0 one hundred 0 4 I

*>i22.0.0.0 172.twelve.123.3 0 a hundred 0 four I

*>i23.0.0.0 172.12.123.three 0 100 0 four I

R1#display ip bgp

BGP desk version is 4, area router ID is 19.1.1.1

Network Up coming Hop Metric LocPrf Body weight Route

*>i21.0.0.0 172.12.123.3 0 a hundred 0 four I

*>i22.0.0.0 172.12.123.3 0 a hundred 0 4 I

*>i23.0.0.0 172.twelve.123.3 0 one hundred 0 four I

If we desired R3 to get all 3 of these routes from R4 although not market all of them to R2 and R1, we’ve bought two or three selections regarding how to block these routes. Cisco’s suggestion is using prefix-lists, and when you get used to the syntax (which you need to do prior to getting and passing the BSCI), you’ll see they are literally simpler to use than accessibility-lists.

In such cases, we’re gonna configure R3 to ship only the route to 21.0.0.0 to R1 and 23.0.0.0 to R2. Nevertheless, we do want both of these routers to have any long run routes that R4 advertises into BGP.

Due to the fact R1 and R2 will learn about these routes from an iBGP neighbor, they won't promote the routes to one another.

On R3, we’ll compose a prefix-checklist that denies 22.0.0.0/8 and 23.0.0.0/eight, but permits all other routes. Just after applying the prefix record as revealed, R1 sees just the 21.0.0.0 /eight route.

R3(config)#ip prefix-checklist FILTER_R1 deny 22.0.0.0/eight

R3(config)#ip prefix-checklist FILTER_R1 deny 23.0.0.0/8

R3(config)#ip prefix-listing FILTER_R1 permit 0.0.0.0/0 le 32

R3(config-router)#neighbor 172.12.123.1 prefix-list FILTER_R1 out

R3#distinct ip bgp * smooth

BGP table version is six, nearby router ID is 19.1.one.1

Network Next Hop Metric LocPrf Fat Route

The paths to 22.0.0.0/8 and 23.0.0.0/8 are properly filtered.

We’ll do exactly https://socialhattori.com/ the same for R2, apart from the route not being expressly blocked is 23.0.0.0/8. The road “ip prefix-record allow 0.0.0.0/0 le 32” would be the prefix list equal of the “allow any” assertion within an ACL.

R3(config)#ip prefix-checklist FILTER_R2 deny 21.0.0.0/eight

R3(config)#ip prefix-record FILTER_R2 deny 22.0.0.0/8

R3(config)#ip prefix-list FILTER_R2 permit 0.0.0.0/0 le 32

R3(config-router)#neighbor 172.12.123.2 prefix-checklist FILTER_R2 out

R3#very clear ip bgp * delicate

BGP table Model is six, nearby router ID is two.2.two.two

Interior

Community Up coming Hop Metric LocPrf Weight Route

*>i23.0.0.0 172.twelve.123.three 0 100 0 four I

The paths to 21.0.0.0/eight and 22.0.0.0/eight have already been successfully filtered.

To begin to see the prefix lists configured on the route plus the get with the statements in each checklist, run demonstrate ip prefix-record.

R3#display ip prefix-listing

ip prefix-record FILTER_R1: 3 entries

seq 5 deny 22.0.0.0/8

seq 10 deny 23.0.0.0/8

seq 15 permit 0.0.0.0/0 le 32

ip prefix-list FILTER_R2: three entries

seq five deny 21.0.0.0/8

seq ten deny 22.0.0.0/eight

Get some fingers-on apply with prefix lists and also you’ll speedily grasp them. Prefix lists are a significant part of working with BGP from the exam home and manufacturing networks, so it’s vital that you're relaxed working with them.