Routing
Blogs
Discussion Forums
Programs & Events
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
Super Contributor
Super Contributor
davidjdv
Posts: 113
Registered: ‎02-26-2008
0

Re: Blocking local routes advertised to BGP

Options

‎04-09-2009 08:44 AM

OK - but I suppose that no routes are advertised at all now (since the EBGP group is inactive) :smileywink:

You can double-check this with the 'show route advertising-protocol bgp ...' commands described above.

 

Please let us know exactly what you want to advertise (and/or block) and we can help you with the config.

 

Cheers,

/david 

Message 11 of 14 (4,787 Views)
 
Reply
PeteW
Contributor
PeteW
Posts: 17
Registered: ‎12-22-2008
0

Re: Blocking local routes advertised to BGP

Options

‎04-09-2009 09:10 AM

Yep, thats ok and I appreciate that there are no routes advertised currently. It alleviates the current problem until we can work out the routes that "should" be advertised via iBGP.

 

Pete 

 

 

Message 12 of 14 (4,787 Views)
 
Reply
Recognized Expert Recognized Expert
Recognized Expert
erdems
Posts: 191
Registered: ‎12-30-2008
0

Re: Blocking local routes advertised to BGP

Options

‎04-09-2009 09:29 AM

Hi PeteW,

 

 As David pointed out, you may want to alter your import/export policies to cover 'safety' mechanisms

as the first couple of terms, like the following example:

 

policy-statement ebgp-export {
    term no-small-prefixes {
        from {
            route-filter 0.0.0.0/0 prefix-length-range /25-/32;
        }
        then reject;
    }
    term no-martians {
        from {
            route-filter 0.0.0.0/8 orlonger;
            route-filter 10.0.0.0/8 orlonger;
            route-filter 127.0.0.0/8 orlonger;
            route-filter 169.254.0.0/16 orlonger;
            route-filter 172.16.0.0/12 orlonger;
            route-filter 192.0.2.0/24 orlonger;
            route-filter 192.168.0.0/16 orlonger;
            route-filter 198.18.0.0/15 orlonger;
            route-filter 224.0.0.0/3 orlonger;
        }
        then reject;
    }
    term no-privates {
        from as-path private;
        then reject;
    }
    term accepted-prefixes { ## <<< this is where you start 'accepting'

       then accept;
    }
}

 

Applying similar import policies to your ebgp sessions (e.g. start with rejecting the 'usual suspects' then accept what you want later) might be a good idea as well.

 

I had read somewhere that paranoia was one's best friend while configuring BGP, and I still do believe that :-)

 

Cheers,

Erdem

____________________________________________
If you think your question's answered, please
mark the respective post as "Accepted Solution".

Kudos are an excellent way of showing appreciation, too.
Message 13 of 14 (4,776 Views)
 
Reply
PeteW
Contributor
PeteW
Posts: 17
Registered: ‎12-22-2008
0

Re: Blocking local routes advertised to BGP

Options

‎04-23-2009 07:16 AM

Many thanks for your assistance guys, the issue is now resolved and all appropriate routes are being advertised :smileywink:
Message 14 of 14 (4,671 Views)
 
Reply
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.