Internet Connectivity for Enterprise Networks - BGP Design and Implementation - page 244

Information Technology Reference

In-Depth Information

Final Configurations

So far in this case study, you have focused on defining traffic policy. In this section, you

learn the route filtering required to prevent acceptance of Martian address space and to pre-

vent the enterprise from providing transit service. To provide a complete scenario, the route

filtering will be added to the final configurations. The Martian prefix filters are shown in

Example 6-12. The prefix filters for Class D and Class E have been condensed into a single

rule. In an actual deployment, this route filtering would be part of the initial configuration.

The final configurations are shown in Examples 6-13, 6-14, and 6-15.

Example 6-12 Martian Prefix Filtering

Router#show running-config | begin prefix

ip prefix-list MARTIAN seq 5 deny 0.0.0.0/8 le 32

ip prefix-list MARTIAN seq 10 deny 10.0.0.0/8 le 32

ip prefix-list MARTIAN seq 15 deny 172.16.0.0/12 le 32

ip prefix-list MARTIAN seq 20 deny 192.168.0.0/16 le 32

ip prefix-list MARTIAN seq 25 deny 127.0.0.0/8 le 32

ip prefix-list MARTIAN seq 30 deny 169.254.0.0/16 le 32

ip prefix-list MARTIAN seq 35 deny 192.0.2.0/24 le 32

ip prefix-list MARTIAN seq 40 deny 224.0.0.0/3 le 32

ip prefix-list MARTIAN seq 50 deny 172.160.0.0/16 le 32

ip prefix-list MARTIAN seq 55 permit 0.0.0.0/0 le 32

!

Example 6-13 Final Configuration for R1

R1#show running-config | begin bgp

router bgp 300

no synchronization

bgp log-neighbor-changes

network 172.160.0.0

neighbor 172.160.1.2 remote-as 300

neighbor 172.160.1.2 update-source loopback0

neighbor 172.160.1.3 remote-as 300

neighbor 172.160.1.3 update-source loopback0

neighbor 100.100.100.1 remote-as 100

neighbor 100.100.100.1 route-map LPREF_IN in

neighbor 100.100.100.1 prefix-list MARTIAN in

neighbor 100.100.100.1 filter-list 10 out

neighbor 100.100.100.1 prefix-list PFX_OUT out

no auto-summary

!

route-map LPREF_IN permit 10

set local-preference 120

!

ip as-path access-list 10 permit ^$

!

ip prefix-list PFX_OUT seq 5 permit 172.160.0.0/16

ip prefix-list PFX_OUT seq 10 deny any

Next Page

BGP Design and Implementation

Search WWH ::

Custom Search

Home