Routing
Reply
Super Contributor
Posts: 113
Registered: ‎02-26-2008
0

Re: Blocking local routes advertised to BGP

OK - but I suppose that no routes are advertised at all now (since the EBGP group is inactive) :smileywink:

You can double-check this with the 'show route advertising-protocol bgp ...' commands described above.

 

Please let us know exactly what you want to advertise (and/or block) and we can help you with the config.

 

Cheers,

/david 

Contributor
Posts: 17
Registered: ‎12-22-2008
0

Re: Blocking local routes advertised to BGP

Yep, thats ok and I appreciate that there are no routes advertised currently. It alleviates the current problem until we can work out the routes that "should" be advertised via iBGP.

 

Pete 

 

 

Recognized Expert
Posts: 191
Registered: ‎12-30-2008
0

Re: Blocking local routes advertised to BGP

Hi PeteW,

 

 As David pointed out, you may want to alter your import/export policies to cover 'safety' mechanisms

as the first couple of terms, like the following example:

 

policy-statement ebgp-export {
    term no-small-prefixes {
        from {
            route-filter 0.0.0.0/0 prefix-length-range /25-/32;
        }
        then reject;
    }
    term no-martians {
        from {
            route-filter 0.0.0.0/8 orlonger;
            route-filter 10.0.0.0/8 orlonger;
            route-filter 127.0.0.0/8 orlonger;
            route-filter 169.254.0.0/16 orlonger;
            route-filter 172.16.0.0/12 orlonger;
            route-filter 192.0.2.0/24 orlonger;
            route-filter 192.168.0.0/16 orlonger;
            route-filter 198.18.0.0/15 orlonger;
            route-filter 224.0.0.0/3 orlonger;
        }
        then reject;
    }
    term no-privates {
        from as-path private;
        then reject;
    }
    term accepted-prefixes { ## <<< this is where you start 'accepting'

       then accept;
    }
}

 

Applying similar import policies to your ebgp sessions (e.g. start with rejecting the 'usual suspects' then accept what you want later) might be a good idea as well.

 

I had read somewhere that paranoia was one's best friend while configuring BGP, and I still do believe that :-)

 

Cheers,

Erdem

____________________________________________
If you think your question's answered, please
mark the respective post as "Accepted Solution".

Kudos are an excellent way of showing appreciation, too.
Highlighted
Contributor
Posts: 17
Registered: ‎12-22-2008
0

Re: Blocking local routes advertised to BGP

Many thanks for your assistance guys, the issue is now resolved and all appropriate routes are being advertised Smiley Wink
Copyright© 1999-2015 Juniper Networks, Inc. All rights reserved.