![Using ACLs as filters](/images/new-backgrounds/114945/11494523x1.webp)
BGP: Configuring Distribute Filters
Using ACLs as filters
When you have created an ACL, you can use it to filter incoming or outgoing update messages for a particular BGP peer, by using the following commands in BGP router mode for the AS.
Filter incoming updates (received from a particular neighbor):
Filter outgoing updates (destined for a particular neighbor):
The switch will then compare the prefixes in update packets with each entry in the ACL, looking for matches.
If a matching entry has the parameter permit, then there will be effectively no action. If a matching entry has the parameter deny, then the specified prefix will be removed from the update packet.
Once the update packet has been compared against every entry in the ACL, it will be sent to the neighbor (out filters) or processed (in filters), minus any prefixes that have been removed by the filter.
Example: Distribute filters
Filter out one particular route from a neighbor
This example expands on the basic configuration in "BGP: Example" on page 8.
It creates an ACL on the AlliedWare Plus switch that explicitly denies one of the routes that is advertised from the AW neighbor, and explicitly accepts all other routes.
1.Create a named ACL to deny the route 52.0.0.0/8 and accept all others. You need to include a permit any entry because ACLs end in an implicit deny any entry.
awplus(config)#
2. Set that ACL as the filter for the BGP neighbor 45.45.45.46.
awplus(config)# router bgp 34567
Page 12 Use Route Maps and Other Filters to Filter and Alter BGP and OSPF Routes