Wednesday, May 18, 2011

Lab 138 - BGP ORF

Prerequisites: CCNP level skills.

Topology

Pic. 1 - Topology Diagram.
Icons designed by: Andrzej Szoblik - http://www.newo.pl

Task 1
R5 should filter out all class A prefixes starting with 40.x.x.x. Configure routers in such a way that changing the inbound filtering policy on R5 should force R3 to apply the right filtering preventing it from sending prefixes R5 does not wish to receive.

Solution

Task 1

R5 should filter out all class A prefixes starting with 40.x.x.x. Configure routers in such a way that changing the inbound filtering policy on R5 should force R3 to apply the right filtering preventing it from sending prefixes R5 does not wish to receive.

R3 Configuration:
!
router bgp 123
 no synchronization
 bgp router-id 172.16.103.3
 bgp log-neighbor-changes
 network 172.16.103.0 mask 255.255.255.0
 neighbor 10.1.13.1 remote-as 123
 neighbor 10.1.13.1 route-reflector-client
 neighbor 10.1.13.1 next-hop-self
 neighbor 10.1.23.2 remote-as 123
 neighbor 10.1.23.2 route-reflector-client
 neighbor 10.1.23.2 next-hop-self 
 neighbor 10.1.35.5 remote-as 50
 neighbor 10.1.35.5 capability orf prefix-list receive
 no auto-summary
!


R5 Configuration:
!
router bgp 50
 no synchronization
 bgp router-id 172.16.105.5
 bgp log-neighbor-changes
 network 172.16.105.0 mask 255.255.255.0
 neighbor 10.1.35.3 remote-as 123
 neighbor 10.1.35.3 capability orf prefix-list send
 no auto-summary
!

Verification:

Pic. 2 - Outbound Route Filtering Negotiated between R3 and R5.


Notice!
ORF has been enabled and supports prefix-lists only (as of writing this post). Now, I can apply the prefix-list based filtering as per Task 1.

Pic. 3 - BGP Table on R5 Before Filtering.


R5 Configuration:
!
ip prefix-list FILTER seq 5 deny 40.0.0.0/8 le 32
ip prefix-list FILTER seq 10 permit 0.0.0.0/0 le 32
!
router bgp 50
 no synchronization
 bgp router-id 172.16.105.5
 bgp log-neighbor-changes
 network 172.16.105.0 mask 255.255.255.0
 neighbor 10.1.35.3 remote-as 123
 neighbor 10.1.35.3 capability orf prefix-list send
 neighbor 10.1.35.3 prefix-list FILTER in
 no auto-summary
!


Verification:

Pic. 4 -  Prefix-List Applied on R5.


Now, 'clear ip bgp * in' on R5.