[x]

Controlling route distribution and reception > Configuring BGP route filtering policies

 

 Next

Configuring BGP route filtering policies

Configuration prerequisites

Before you configure BGP routing filtering policies, configure the following filters used for route filtering as needed:

Configuring BGP route distribution filtering policies

To configure BGP route distribution filtering policies, use the following methods:

If you configure multiple filtering policies, apply them in the following sequence:

  1. filter-policy export

  2. peer filter-policy export

  3. peer as-path-acl export

  4. peer prefix-list export

  5. peer route-policy export

Only routes passing all the configured policies can be advertised.

To configure BGP route distribution filtering policies (IPv4):

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter BGP view or BGP-VPN instance view.

  • Enter BGP view:bgp as-number

  • Enter BGP-VPN instance view:

    1. bgp as-number

    2. ip vpn-instance vpn-instance-name

N/A

3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view.

address-family ipv4 [ unicast ]

N/A

4. Configure BGP route distribution filtering policies.

  • Reference an ACL or IP prefix list to filter advertised BGP routes:filter-policy { acl-number | prefix-list prefix-list-name } export [ direct | isis process-id | ospf process-id | rip process-id | static ]

  • Reference a routing policy to filter BGP routes advertised to a peer or peer group:peer { group-name | ip-address [ mask-length ] } route-policy route-policy-name export

  • Reference an ACL to filter BGP routes advertised to a peer or peer group:peer { group-name | ip-address [ mask-length ] } filter-policy acl-number export

  • Reference an AS path list to filter BGP routes advertised to a peer or peer group:peer { group-name | ip-address [ mask-length ] } as-path-acl as-path-acl-number export

  • Reference an IPv4 prefix list to filter BGP routes advertised to a peer or peer group:peer { group-name | ip-address [ mask-length ] } prefix-list prefix-list-name export

Use at least one method.

By default, no BGP distribution filtering policy is configured.

To configure BGP route distribution filtering policies (IPv6):

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter BGP view or BGP-VPN instance view.

  • Enter BGP view:bgp as-number

  • Enter BGP-VPN instance view:

    1. bgp as-number

    2. ip vpn-instance vpn-instance-name

N/A

3. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.

address-family ipv6 [ unicast ]

N/A

4. Configure BGP route distribution filtering policies.

  • Reference an ACL or IPv6 prefix list to filter advertised BGP routes:filter-policy { acl6-number | prefix-list ipv6-prefix-name } export [ direct | isisv6 process-id | ospfv3 process-id | ripng process-id | static ]

  • Reference a routing policy to filter BGP routes advertised to a peer or peer group:peer { group-name | ipv6-address [ prefix-length ] } route-policy route-policy-name export

  • Reference an ACL to filter BGP routes advertised to a peer or peer group:peer { group-name | ipv6-address [ prefix-length ] } filter-policy acl6-number export

  • Reference an AS path list to filter BGP routes advertised to a peer or peer group:peer { group-name | ipv6-address [ prefix-length ] } as-path-acl as-path-acl-number export

  • Reference an IPv6 prefix list to filter BGP routes advertised to a peer or peer group peer { group-name | ipv6-address [ prefix-length ] } prefix-list ipv6-prefix-name export

Use at least one method.

Not configured by default.

Configuring BGP route reception filtering policies

You can use the following methods to configure BGP route reception filtering policies:

If you configure multiple filtering policies, apply them in the following sequence:

  1. filter-policy import

  2. peer filter-policy import

  3. peer as-path-acl import

  4. peer prefix-list import

  5. peer route-policy import

Only routes passing all the configured policies can be received.

To configure BGP route reception filtering policies (IPv4):

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter BGP view or BGP-VPN instance view.

  • Enter BGP view:bgp as-number

  • Enter BGP-VPN instance view:

    1. bgp as-number

    2. ip vpn-instance vpn-instance-name

N/A

3. Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view.

address-family ipv4 [ unicast ]

N/A

4. Configure BGP route reception filtering policies.

  • Reference an ACL or IP prefix list to filter BGP routes received from all peers:filter-policy { acl-number | prefix-list prefix-list-name } import

  • Reference a routing policy to filter BGP routes received from a peer or peer group:peer { group-name | ip-address [ mask-length ] } route-policy route-policy-name import

  • Reference an ACL to filter BGP routes received from a peer or peer group:peer { group-name | ip-address [ mask-length ] } filter-policy acl-number import

  • Reference an AS path list to filter BGP routes received from a peer or peer group:peer { group-name | ip-address [ mask-length ] } as-path-acl as-path-acl-number import

  • Reference an IPv4 prefix list to filter BGP routes received from a peer or peer group:peer { group-name | ip-address [ mask-length ] } prefix-list prefix-list-name import

Use at least one method.

By default, no route reception filtering is configured.

To configure BGP route reception filtering policies (IPv6):

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter BGP view or BGP-VPN instance view.

  • Enter BGP view:bgp as-number

  • Enter BGP-VPN instance view:

    1. bgp as-number

    2. ip vpn-instance vpn-instance-name

N/A

3. Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.

address-family ipv6 [ unicast ]

N/A

4. Configure BGP route reception filtering policies.

  • Reference ACL or IPv6 prefix list to filter BGP routes received from all peers:filter-policy { acl6-number | prefix-list ipv6-prefix-name } import

  • Reference a routing policy to filter BGP routes received from a peer or peer group:peer { group-name | ipv6-address [ prefix-length ] } route-policy route-policy-name import

  • Reference an ACL to filter BGP routes received from a peer or peer group:peer { group-name | ipv6-address [ prefix-length ] } filter-policy acl6-number import

  • Reference an AS path list to filter BGP routes received from a peer or peer group:peer { group-name | ipv6-address [ prefix-length ] } as-path-acl as-path-acl-number import

  • Reference an IPv6 prefix list to filter BGP routes received from a peer or peer group:peer { group-name | ipv6-address [ prefix-length ] } prefix-list ipv6-prefix-name import

Use at least one method.

By default, no route reception filtering is configured.

prev

 

up

 next

Limiting routes received from a peer or peer group 

home

 Configuring BGP update sending delay

© Copyright 2015, 2017 Hewlett Packard Enterprise Development LP