Sorry, I did not read question clearly, if using no-advertise, R1,R2, and R2 will not see those routes. ~ml
From: [EMAIL PROTECTED]: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]: RE: [OSL | CCIE_RS] BGP communties problemDate: Fri, 19 Oct 2007 23:21:32 -0400 No export means do NOT send it to another external AS. No advertise means do not send it to ANY other peer, internal or external. HTH, Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE-M #153, JNCIS-ER, CISSP, et al. CCSI/JNCI-M/JNCI-ER VP - Technical Training - IPexpert, Inc. IPexpert Sr. Technical Instructor A Cisco Learning Partner - We Accept Learning Credits! [EMAIL PROTECTED] Telephone: +1.810.326.1444 Fax: +1.810.454.0130http://www.ipexpert.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael LiuSent: Friday, October 19, 2007 9:52 PMTo: Con Spathas; [EMAIL PROTECTED]: Re: [OSL | CCIE_RS] BGP communties problem you should use no-advertise, NOT no-export. no-export means it will sent to next ebgp, from that ebgp neighbor, it will not send out. hope this help.. ~ml From: [EMAIL PROTECTED]: [EMAIL PROTECTED]; [EMAIL PROTECTED]: Fri, 19 Oct 2007 19:37:57 +0100Subject: Re: [OSL | CCIE_RS] BGP communties problem Just a quick stab in the dark - but have you configured AS2 (R1, R2 and R3) to send communities to each other within the iBGP mesh?. I know the community attribute is transitive - but as it's an optional transitive - perhaps it could be worth a shot just to rule it out. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Badar FarooqSent: Friday, 19 October 2007 19:08To: [EMAIL PROTECTED]: [OSL | CCIE_RS] BGP communties problem here is the scenario R4 is in AS 3 R5 is in AS 1 R1, 2, 3 are in AS 2 R4 has an ethernetnet link to R1 R5 has a frame relay link to R2 R1, R3, R2 are in full mesg IBGP R4 advertises network 204.12.1.0/24 into bgp and R5 advertises 155.1.5.0/24 into bgp The goal is to stop R4 and R5 to see each other's advertised networks, yet R1, R2, R3, should be able to access the advertised networks... Here is my configuration R5:router bgp 1no synchronizationbgp log-neighbor-changesnetwork 155.1.5.0 mask 255.255.255.0 neighbor 155.1.0.2 remote-as 2neighbor 155.1.0.2 send-communityneighbor 155.1.0.2 route-map SET-COMMUNITY outno auto-summary!access-list 1 permit 155.1.5.0 0.0.0.255!route-map SET-COMMUNITY permit 10match ip address 1set community no-export!route-map SET-COMMUNITY permit 20R4:router bgp 3no synchronizationbgp log-neighbor-changesnetwork 204.12.1.0neighbor 155.1.146.1 remote-as 2neighbor 155.1.146.1 send-communityneighbor 155.1.146.1 route-map SET-COMMUNITY outno auto-summary!access-list 1 permit 204.12.1.0 0.0.0.255!route-map SET-COMMUNITY permit 10match ip address 1set community no-export!route-map SET-COMMUNITY permit 20 ! Now everything appears to be fine as I check on R1 and R2 which are neighbors of R4 and R5 respectively R1#sh ip bgp 204.12.1.0BGP routing table entry for 204.12.1.0/24, version 3Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised to EBGP peer)Advertised to update-groups:13155.1.146.4 from 155.1.146.4 (204.12.1.4)Origin IGP, metric 0, localpref 100, valid, external, best Community: no-exportAndR2#show ip bgp 155.1.5.0BGP routing table entry for 155.1.5.0/24 , version 2Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised toEBGP peer)Advertised to update-groups:21155.1.0.5 from 155.1.0.5 (155.1.5.5)Origin IGP, metric 0, localpref 100, valid, external, bestCommunity: no-export But still R5 and R4 see these routes in their routing table and are able to ping each other… R4#show ip bgpBGP table version is 8, local router ID is 204.12.1.4Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S StaleOrigin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path*> 155.1.5.0/24 155.1.146.1 0 2 1 i*> 155.1.37.0/24 155.1.146.1 0 2 i*> 204.12.1.0 0.0.0.0 0 32768 i Now R4 shouldn't be able to see 155.1.5.0/24 network but it does :S R4#ping 155.1.5.5 source 204.12.1.4Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 155.1.5.5, timeout is 2 seconds:Packet sent with a source address of 204.12.1.4!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 108/213/316 m Same is the case with R5. It sees and reaches network advertised by R4…Any help will be appreciated… Best Regards Muhammad Badar Help yourself to FREE treats served up daily at the Messenger Café. Stop by today! _________________________________________________________________ Climb to the top of the charts! Play Star Shuffle: the word scramble challenge with star power. http://club.live.com/star_shuffle.aspx?icid=starshuffle_wlmailtextlink_oct
