Scribd
Upload
24 views15 pages

Lab-Bgp3 Manual

Uploaded by

Mbaye Dieye
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
24 views15 pages

Lab-Bgp3 Manual

Uploaded by

Mbaye Dieye
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 15

prefix filtering

netkit-lab-bgp-1
applying policies
1 announcement filtering
n send/accept an announcement only if

some condition is verified


n commands:

n prefix-list used to filter prefixes


n filter-lists used to filter as numbers
2 announcement tuning
n attach to your announcement some

information (attributes) that should be


considered by the receiver
n commands:

n route-map
prefix filtering commands
command syntax

neighbor
neighbor <neighbor-ip>
<neighbor-ip> prefix-list
prefix-list <p-list-name>
<p-list-name> in
in
command syntax

neighbor
neighbor <neighbor-ip>
<neighbor-ip> prefix-list
prefix-list <p-list-name>
<p-list-name> out
out

command syntax

ip
ip prefix-list
prefix-list <p-list-name>
<p-list-name> permit
permit <network/mask>
<network/mask>
command syntax

ip
ip prefix-list
prefix-list <p-list-name>
<p-list-name> deny
deny <network/mask>
<network/mask>
prefix filtering: example
zebra configuration file

router
router bgp
bgp 11
network
network 195.11.14.0/24
195.11.14.0/24
network
network 195.11.15.0/24
195.11.15.0/24
neighbor
neighbor 193.10.11.2
193.10.11.2 remote-as
remote-as 22
neighbor
neighbor 193.10.11.2
193.10.11.2 description
description Router
Router 22 of
of AS2
AS2
neighbor
neighbor 193.10.11.2
193.10.11.2 prefix-list
prefix-list partialOut
partialOut out
out
neighbor
neighbor 193.10.11.2
193.10.11.2 prefix-list
prefix-list partialIn
partialIn in
in
!!
ip
ip prefix-list
prefix-list partialOut
partialOut permit
permit 195.11.14.0/24
195.11.14.0/24
!!
ip
ip prefix-list
prefix-list partialIn
partialIn deny
deny 200.1.1.0/24
200.1.1.0/24
ip
ip prefix-list
prefix-list partialIn
partialIn permit
permit any
any
only 195.11.14.0/24 is announced to neighbor 193.10.11.2
all with the exception of 200.1.1.0/24 is accepted from 193.10.11.2
lab-bgp-3-prefix-filtering
AS1
195.11.14.0/24 B
1
eth1
1
eth2
1 200.1.2.0/24
195.11.15.0/24 C eth0

A
2 AS2
eth0
193.10.11.0/24
1
eth2
1
eth1 E
200.1.1.0/24 D
lab-bgp-3-prefix-filtering
n launch the script
n type “prefix-filtering start”
n check bgpd configuration file
n type “more /etc/zebra/bgpd.conf”
n check the routing table
n type “route”
n type “telnet 0 zebra”
n insert the password “zebra”
n type “show ip route”
n check bgp daemon log file
n type “more /var/log/zebra/bgpd.log”
lab-bgp-3-prefix-filtering

n check the bgpd cli (command line interface)


n type “telnet 0 bgpd”
n insert the password “zebra”
n type “show ip bgp neighbors”
n type “show ip bgp 200.1.1.0”
n terminate the script
n type “prefix-filtering crash”
attributes
n a bgp announce is a “bag” of attributes
n attributes may be “well-known” (mandatory) or
optional
n attributes may be transitive or nontransitive
n transitive attributes are passed when received
n nontransitive attributes travel a single hop
n well-known attributes are always transitive
attribute list
n prefix
n the section of ip space announced
n as-path
n the sequence of traversed ases
n origin
n igp, egp, incomplete
n next-hop
n to be inserted in the routing table
n metric (multi-exit-discriminator)
n asking other as to prefer lower values of it
n local-pref
n asking ibgp peers to prefer lower values
n atomic aggregate
n aggregator
n weight
n cisco proprietary
attributes: prefix & as-path

as40 as31
193.204.161.0/24

193.204.161.0/24
40 100
193.204.161.0/24 193.204.161.0/24
100 31 40 100

as100
193.204.161.0/24 193.204.161.0/24
as60
212 60 31 40 100 60 31 40 100

193.204.161.0/24
100
as212
legenda:
prefix
as-path
bgp decision process

highest 1. largest weight (cisco proprietary)


priority
2. largest local preference
3. locally originated
4. shortest as-path length
5. lowest origin
6. lowest multi-exit-discriminator
7. prefer ebgp over ibgp
8. lowest igp metric
lowest
priority
9. lowest bgp router-id
attribute setting commands
command syntax

neighbor
neighbor <neighbor-ip>
<neighbor-ip> route-map
route-map <r-map-name>
<r-map-name> in
in
command syntax

neighbor
neighbor <neighbor-ip>
<neighbor-ip> route-map
route-map <r-map-name>
<r-map-name> out
out
command syntax

route-map
route-map <r-map-name>
<r-map-name> permit
permit <seq-number>
<seq-number>
match
match <announce-property>
<announce-property>
set
set <attribute-setting>
<attribute-setting>
...
...
command syntax

route-map
route-map <r-map-name>
<r-map-name> deny
deny <seq-number>
<seq-number>
match
match <announce-property>
<announce-property>
set
set <attribute-setting>
<attribute-setting>
...
...
attribute setting example
zebra configuration file

router
router bgp
bgp 100
100
network
network 100.1.1.0/24
100.1.1.0/24
neighbor
neighbor 222.2.2.2
222.2.2.2 remote-as
remote-as 200
200
neighbor
neighbor 222.2.2.2
222.2.2.2 route-map
route-map myRouteMap
myRouteMap in
in
!!
route-map
route-map myRouteMap
myRouteMap permit
permit 10
10
match
match ip
ip address
address myAccessList
myAccessList
set
set metric
metric 55
set
set local-preference
local-preference 25
25
!!
route-map
route-map myRouteMap
myRouteMap permit
permit 20
20
set
set metric
metric 22
!!
access-list
access-list myAccessList
myAccessList permit
permit 193.204.0.0/16
193.204.0.0/16
all match commands
n match as-path
n match community
n match clns
n match interface
n match ip address
n match ip next-hop
n match ip route-source
n match metric
n match route-type
n match tag
all set commands
n set as-path n set local-preference
n set clns n set metric
n set automatic-tag n set metric-type
n set community n set next-hop
n set interface n set origin
n set default interface n set tag
n set ip default next-hop n set weight
n set level

You might also like