32-49
Cisco ME 3400 EthernetAccess Switch SoftwareConfiguration Guide
78-17058-01
Chapter32 Configuring IP Unicast Routing Configuring BGP
Configuring BGP Filtering by Neighbor
You can filter BGP advertisements by using AS-path filters, such as the as-path access-list global
configuration command and the neighbor filter-list router configuration command. You can also use
access lists with the neighbor distribute-list router configuration command. Distribute-list filters are
applied to network numbers. See the “Controlling Advertising and Processing in Routing Updates”
section on page 32-80 for information about the distribute-list command.
You can use route maps on a per-neighbor basis to f ilter updates an d to modify v arious attrib utes. A ro ute
map can be applied to either inbound or outbound updates. Onl y the rout es th at p ass the r oute map a re
sent or accepted in updates. On both inbound and outbound updates, matching is supported based on AS
path, community, and network numbers. Autonomous system path matching requires the match as-path
access-list route-map command, community based matching requires the match community-list
route-map command, and network-based matching requires the ip access-list global configurati on
command.
Beginning in privileged EXEC mode, follow these steps to apply a per-neighbor route map:
Use the no neighbor distribute-list command to remove the access list from the neighbor. Use the no
neighbor route-map map-tag router configuration command to remove the route map from the
neighbor.
Another method of filtering is to specify an access list filter on both incoming and outbound updates,
based on the BGP autonomous system paths. Each filter is an access list based on regular expressions.
(See the “Regular Expressions” appendix in the Cisco IOS Dial Technologies Command Reference,
Release 12.2 for more information on forming regular expressio ns. ) To use this method, de fine an
autonomous system path access list, and apply it to updates to and from particular neighbors.
Beginning in privileged EXEC mode, follow these steps to configure BGP path filtering:
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 router bgp autonomous-system Enable a BGP routing process, assign it an AS number, and enter
router configuration mode.
Step3 neighbor {ip-address | peer-group name}
distribute-list {access-list-number | name}
{in | out}
(Optional) Filter BGP routing updates to or from neighbors as
specified in an access list.
Note You can also use the neighbor prefix-list router
configuration command to filter updates, but you cannot use
both commands to configure the same BGP peer.
Step4 neighbor {ip-address | peer-group name}
route-map map-tag {in | out}(Optional) Apply a route map to filter an incoming or ou tgoing
route.
Step5 end Return to privileged EXEC mode.
Step6 show ip bgp neighbors Verify the configuration.
Step7 copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 ip as-path access-list access-list-number
{permit | deny} as-regular-expressions Define a BGP-related access list.