Cisco CCNP / BSCI Exam Tutorial: Filtering BGP Updates With Prefix Lists

By: Chris Bryant, CCIE #12933


A major part of your BSCI and CCNP exam success is mastering BGP, and that includes filtering BGP routing updates. In this tutorial, we'll take a look at how to filter BGP updates with prefix lists.



R4 is advertising three networks via BGP. The downstream router R3 sees these routes and places them into its BGP table as shown below. R3 has two downstream BGP peers, R1 and R2, and is advertising itself as the next-hop IP address for all BGP routes sent to those two routers.



R4(config)#router bgp 4
R4(config-router)#network 21.0.0.0 mask 255.0.0.0
R4(config-router)#network 22.0.0.0 mask 255.0.0.0
R4(config-router)#network 23.0.0.0 mask 255.0.0.0

R3#show ip bgp
BGP table version is 4, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 21.0.0.0         10.2.2.4                 0             0 4 i
*> 22.0.0.0         10.2.2.4                 0             0 4 i
*> 23.0.0.0         10.2.2.4                 0             0 4 i

R3(config)#router bgp 123
R3(config-router)#neighbor 172.12.123.1 next-hop-self
R3(config-router)#neighbor 172.12.123.2 next-hop-self



In turn, both R1 and R2 have these three routes in their respective BGP tables.



R2#show ip bgp
BGP table version is 4, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i21.0.0.0         172.12.123.3             0    100      0 4 i
*>i22.0.0.0         172.12.123.3             0    100      0 4 i
*>i23.0.0.0         172.12.123.3             0    100      0 4 i

R1#show ip bgp
BGP table version is 4, local router ID is 19.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i21.0.0.0         172.12.123.3             0    100      0 4 i
*>i22.0.0.0         172.12.123.3             0    100      0 4 i
*>i23.0.0.0         172.12.123.3             0    100      0 4 i



If we wanted R3 to receive all three of these routes from R4 but not advertise all of them to R2 and R1, we've got a couple of options on how to block these routes. Cisco's recommendation is the use of prefix-lists, and once you get used to the syntax (which you should do before taking and passing the BSCI), you'll see they are actually easier to use than access-lists.



In this case, we're going to configure R3 to send only the route to 21.0.0.0 to R1 and 23.0.0.0 to R2. However, we do want these two routers to get any future routes that R4 advertises into BGP.



Since R1 and R2 will learn about these routes from an iBGP neighbor, they will not advertise the routes to each other.



On R3, we'll write a prefix-list that denies 22.0.0.0/8 and 23.0.0.0/8, but permits all other routes. After applying the prefix list as shown, R1 sees only the 21.0.0.0/8 route.



R3(config)#ip prefix-list FILTER_R1 deny 22.0.0.0/8
R3(config)#ip prefix-list FILTER_R1 deny 23.0.0.0/8
R3(config)#ip prefix-list FILTER_R1 permit 0.0.0.0/0 le 32
R3(config)#router bgp 123
R3(config-router)#neighbor 172.12.123.1 prefix-list FILTER_R1 out

R3#clear ip bgp * soft

R1#show ip bgp
BGP table version is 6, local router ID is 19.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i21.0.0.0         172.12.123.3             0    100      0 4 i



The paths to 22.0.0.0/8 and 23.0.0.0/8 have been successfully filtered.



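We'll do the same for R2, except the route not being expressly blocked is 23.0.0.0/8. The line "ip prefix-list permit 0.0.0.0/0 le 32" is the prefix list equivalent of a "permit any" statement in an ACL: 0.0.0.0/0 matches every address, and "le 32" extends the match to any prefix length up to /32. Like an ACL, a prefix list ends with an implicit deny, so without this line R1 and R2 would not receive any future routes from R4.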



R3(config)#ip prefix-list FILTER_R2 deny 21.0.0.0/8
R3(config)#ip prefix-list FILTER_R2 deny 22.0.0.0/8
R3(config)#ip prefix-list FILTER_R2 permit 0.0.0.0/0 le 32
R3(config)#router bgp 123
R3(config-router)#neighbor 172.12.123.2 prefix-list FILTER_R2 out

R3#clear ip bgp * soft

R2#show ip bgp
BGP table version is 6, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i23.0.0.0         172.12.123.3             0    100      0 4 i



The paths to 21.0.0.0/8 and 22.0.0.0/8 have been successfully filtered.



To see the prefix lists configured on a router as well as the order of the statements in each list, run show ip prefix-list.



R3#show ip prefix-list
ip prefix-list FILTER_R1: 3 entries
   seq 5 deny 22.0.0.0/8
   seq 10 deny 23.0.0.0/8
   seq 15 permit 0.0.0.0/0 le 32
ip prefix-list FILTER_R2: 3 entries
   seq 5 deny 21.0.0.0/8
   seq 10 deny 22.0.0.0/8
   seq 15 permit 0.0.0.0/0 le 32
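
The matching rules behind these two lists, modeled in Python as an added example (not code from the original article or from Cisco): entries are checked in sequence order, the first match decides, and a route that matches nothing is implicitly denied. The ge/le handling goes slightly beyond the tutorial's lists; the function names, the 24.0.0.0/8 "future route" and the FILTER_R1_NO_LE variant are constructed for illustration.

```python
import ipaddress

def parse_entry(line):
    """Parse one 'seq N permit|deny A.B.C.D/L [ge X] [le Y]' line."""
    tok = line.split()
    seq, action, net = int(tok[1]), tok[2], ipaddress.ip_network(tok[3])
    opts = dict(zip(tok[4::2], map(int, tok[5::2])))
    if opts:
        # ge/le turn the exact-length match into a range of mask lengths
        lo, hi = opts.get("ge", net.prefixlen), opts.get("le", 32)
    else:
        lo = hi = net.prefixlen  # no ge/le: mask length must match exactly
    return seq, action, net, lo, hi

def evaluate(entries, route):
    """First matching entry in sequence order decides; no match is an implicit deny."""
    r = ipaddress.ip_network(route)
    for seq, action, net, lo, hi in sorted(entries, key=lambda e: e[0]):
        if lo <= r.prefixlen <= hi and r.network_address in net:
            return action
    return "deny"

def advertised(entries, routes):
    """Routes that survive the outbound filter."""
    return [r for r in routes if evaluate(entries, r) == "permit"]

def load(text):
    return [parse_entry(line) for line in text.strip().splitlines()]

# Entries copied from the show ip prefix-list output on R3
FILTER_R1 = load("""
seq 5 deny 22.0.0.0/8
seq 10 deny 23.0.0.0/8
seq 15 permit 0.0.0.0/0 le 32
""")
FILTER_R2 = load("""
seq 5 deny 21.0.0.0/8
seq 10 deny 22.0.0.0/8
seq 15 permit 0.0.0.0/0 le 32
""")
# Constructed variant: FILTER_R1 with "le 32" left off the final entry
FILTER_R1_NO_LE = FILTER_R1[:2] + load("seq 15 permit 0.0.0.0/0")

# 24.0.0.0/8 is a constructed stand-in for a future route advertised by R4
ROUTES = ["21.0.0.0/8", "22.0.0.0/8", "23.0.0.0/8", "24.0.0.0/8"]

if __name__ == "__main__":
    for name, f in [("FILTER_R1", FILTER_R1), ("FILTER_R2", FILTER_R2),
                    ("FILTER_R1_NO_LE", FILTER_R1_NO_LE)]:
        print(name, advertised(f, ROUTES))
```

With "le 32" dropped, the final entry matches only the default route 0.0.0.0/0 itself, so every other prefix falls through to the implicit deny and the neighbor receives nothing.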



Get some hands-on practice with prefix lists and you'll quickly master them. Prefix lists are an important part of working with BGP in the exam room and production networks, so it's vital that you are comfortable working with them.


Article Source: http://www.articles32.com

Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of free CCNA and CCNP tutorials, The Ultimate CCNA Study Package, and Ultimate CCNP Study Packages.







