[x]

Controlling route distribution and reception > Configuring BGP route filtering policies

 

 Next

Configuring BGP route filtering policies

Configuration prerequisites

Before you configure BGP routing filtering policies, configure the following filters used for route filtering as needed:

Configuring BGP route distribution filtering policies

To configure BGP route distribution filtering policies, use the following methods:

If you configure multiple filtering policies, apply them in the following sequence:

  1. filter-policy export

  2. peer filter-policy export

  3. peer as-path-acl export

  4. peer prefix-list export

  5. peer route-policy export

Only routes passing all the configured policies can be advertised.

To configure BGP route distribution filtering policies (IPv4 unicast/multicast address family):

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.

  • Enter BGP IPv4 unicast address family view:

    1. bgp as-number [ instance instance-name ]

    2. address-family ipv4 [ unicast ]

  • Enter BGP-VPN IPv4 unicast address family view:

    1. bgp as-number [ instance instance-name ]

    2. ip vpn-instance vpn-instance-name

    3. address-family ipv4 [ unicast ]

  • Enter BGP IPv4 multicast address family view:

    1. bgp as-number [ instance instance-name ]

    2. address-family ipv4 multicast

N/A

3. Configure BGP route distribution filtering policies.

  • Reference an ACL or IP prefix list to filter advertised BGP routes:filter-policy { ipv4-acl-number | prefix-list prefix-list-name } export [ direct | isis process-id | ospf process-id | rip process-id | static ]

  • Reference a routing policy to filter BGP routes advertised to a peer or peer group:peer { group-name | ipv4-address [ mask-length ] } route-policy route-policy-name export

  • Reference an ACL to filter BGP routes advertised to a peer or peer group:peer { group-name | ipv4-address [ mask-length ] } filter-policy ipv4-acl-number export

  • Reference an AS path list to filter BGP routes advertised to a peer or peer group:peer { group-name | ipv4-address [ mask-length ] } as-path-acl as-path-acl-number export

  • Reference an IPv4 prefix list to filter BGP routes advertised to a peer or peer group:peer { group-name | ipv4-address [ mask-length ] } prefix-list prefix-list-name export

Use at least one method.

By default, no BGP distribution filtering policy is configured.

To configure BGP route distribution filtering policies (IPv6 unicast/multicast address family):

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter BGP IPv6 unicast address family view, BGP-VPN IPv6 unicast address family view, or BGP IPv6 multicast address family view.

  • Enter BGP IPv6 unicast address family view:

    1. bgp as-number [ instance instance-name ]

    2. address-family ipv6 [ unicast ]

  • Enter BGP-VPN IPv6 unicast address family view:

    1. bgp as-number [ instance instance-name ]

    2. ip vpn-instance vpn-instance-name

    3. address-family ipv6 [ unicast ]

  • Enter BGP IPv6 multicast address family view:

    1. bgp as-number [ instance instance-name ]

    2. address-family ipv6 multicast

N/A

3. Configure BGP route distribution filtering policies.

  • Reference an ACL or IPv6 prefix list to filter advertised BGP routes:filter-policy { ipv6-acl-number | prefix-list ipv6-prefix-name } export [ direct | isisv6 process-id | ospfv3 process-id | ripng process-id | static ]

  • Reference a routing policy to filter BGP routes advertised to a peer or peer group:peer { group-name | ipv6-address [ prefix-length ] } route-policy route-policy-name export

  • Reference an ACL to filter BGP routes advertised to a peer or peer group:peer { group-name | ipv6-address [ prefix-length ] } filter-policy ipv6-acl-number export

  • Reference an AS path list to filter BGP routes advertised to a peer or peer group:peer { group-name | ipv6-address [ prefix-length ] } as-path-acl as-path-acl-number export

  • Reference an IPv6 prefix list to filter BGP routes advertised to a peer or peer group
    peer { group-name | ipv6-address [ prefix-length ] } prefix-list ipv6-prefix-name export

Use at least one method.

By default, no BGP distribution filtering policy is configured.

Configuring BGP route reception filtering policies

You can use the following methods to configure BGP route reception filtering policies:

If you configure multiple filtering policies, apply them in the following sequence:

  1. filter-policy import

  2. peer filter-policy import

  3. peer as-path-acl import

  4. peer prefix-list import

  5. peer route-policy import

Only routes passing all the configured policies can be received.

To configure BGP route reception filtering policies (IPv4 unicast/multicast address family):

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.

  • Enter BGP IPv4 unicast address family view:

    1. bgp as-number [ instance instance-name ]

    2. address-family ipv4 [ unicast ]

  • Enter BGP-VPN IPv4 unicast address family view:

    1. bgp as-number [ instance instance-name ]

    2. ip vpn-instance vpn-instance-name

    3. address-family ipv4 [ unicast ]

  • Enter BGP IPv4 multicast address family view:

    1. bgp as-number [ instance instance-name ]

    2. address-family ipv4 multicast

N/A

3. Configure BGP route reception filtering policies.

  • Reference an ACL or IP prefix list to filter BGP routes received from all peers:filter-policy { ipv4-acl-number | prefix-list prefix-list-name } import

  • Reference a routing policy to filter BGP routes received from a peer or peer group:peer { group-name | ipv4-address [ mask-length ] } route-policy route-policy-name import

  • Reference an ACL to filter BGP routes received from a peer or peer group:peer { group-name | ipv4-address [ mask-length ] } filter-policy ipv4-acl-number import

  • Reference an AS path list to filter BGP routes received from a peer or peer group:peer { group-name | ipv4-address [ mask-length ] } as-path-acl as-path-acl-number import

  • Reference an IPv4 prefix list to filter BGP routes received from a peer or peer group:peer { group-name | ipv4-address [ mask-length ] } prefix-list prefix-list-name import

Use at least one method.

By default, no route reception filtering is configured.

To configure BGP route reception filtering policies (IPv6 unicast/multicast address family):

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter BGP IPv6 unicast address family view, BGP-VPN IPv6 unicast address family view, or BGP IPv6 multicast address family view.

  • Enter BGP IPv6 unicast address family view:

    1. bgp as-number [ instance instance-name ]

    2. address-family ipv6 [ unicast ]

  • Enter BGP-VPN IPv6 unicast address family view:

    1. bgp as-number [ instance instance-name ]

    2. ip vpn-instance vpn-instance-name

    3. address-family ipv6 [ unicast ]

  • Enter BGP IPv6 multicast address family view:

    1. bgp as-number [ instance instance-name ]

    2. address-family ipv6 multicast

N/A

3. Configure BGP route reception filtering policies.

  • Reference ACL or IPv6 prefix list to filter BGP routes received from all peers:filter-policy { ipv6-acl-number | prefix-list ipv6-prefix-name } import

  • Reference a routing policy to filter BGP routes received from a peer or peer group:peer { group-name | ipv6-address [ prefix-length ] } route-policy route-policy-name import

  • Reference an ACL to filter BGP routes received from a peer or peer group:peer { group-name | ipv6-address [ prefix-length ] } filter-policy ipv6-acl-number import

  • Reference an AS path list to filter BGP routes received from a peer or peer group:peer { group-name | ipv6-address [ prefix-length ] } as-path-acl as-path-acl-number import

  • Reference an IPv6 prefix list to filter BGP routes received from a peer or peer group:peer { group-name | ipv6-address [ prefix-length ] } prefix-list ipv6-prefix-name import

Use at least one method.

By default, no route reception filtering is configured.

prev

 

up

 next

Limiting routes received from a peer or peer group 

home

 Setting the BGP route sending rate

© Copyright 2017 Hewlett Packard Enterprise Development LP