Xueyan's comments about changing permit and deny's would work. But I think the big thing you are missing here is you're tagging something no-export on the way out of AS34. That will pass the route to the neighboring AS and then they shouldn't pass it on to their neighboring AS's. If you wanted to use no-export to prevent AS34 from leaking these routes then you should tag them as such on the way into the AS.
Or as Xueyan's comments say deny the routes in your route-map/acl's on the way out. Also given the nature of what you want to filter(routes through AS1000, but not filter routes originating from AS1000) you'll need to alter the as-path acl. Then again I may be mis-understanding the goals on this part and you really don't want routes from or through AS1000. Darrell http://www.netswitch.net ""Cisco Nuts"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hello,I am trying to block any routes that have traversed AS1000 from > being advertised beyond AS34 but am having no luck.R4 is learning a bunch > of routes from AS100 and the config is on R4 which in in AS34R4#route-map > comm_out permit 10 > match as-path 99 > set community no-export > ! > route-map comm_out permit 20 > match ip address 96 > set metric 31337 > ! > route-map comm_out permit 30!ip as-path access-list 99 permit _1000_! On > the peer routers:R2#bt > BGP table version is 203, local router ID is 220.1.3.1 > Status codes: s suppressed, d damped, h history, * valid, > best, i - > internal > Origin codes: i - IGP, e - EGP, ? - incomplete Network Next > Hop Metric LocPrf Weight Path > *> 100.0.0.0/24 150.1.4.4 0 34 100 200 300 > 1000 400 500 i > * 100.1.0.0/24 150.1.12.1 0 1 34 100 200 > 300 400 500 i > *> 150.1.4.4 0 34 100 200 300 > 400 500 i > *> 100.2.0.0/24 150.1.4.4 0 34 100 200 300 > 1000 400 500 i > * 100.3.0.0/24 150.1.12.1 0 1 34 100 200 > 300 400 500 i > *> 150.1.4.4 0 34 100 200 300 > 400 500 i > * 110.110.110.0/24 150.1.12.1 0 1 34 100 200 > 300 400 500 i > *> 150.1.4.4 0 34 100 200 300 > 400 500 i > * 111.111.111.0/24 150.1.12.1 0 1 34 100 200 > 300 400 500 i > *> 150.1.4.4 31337 0 34 100 200 300 > 400 500 i > * 112.112.112.0/24 150.1.12.1 0 1 34 100 200 > 300 400 500 i > *> 150.1.4.4 0 34 100 200 300 > 400 500 i > * 113.113.113.0/24 150.1.12.1 0 1 34 100 200 > 300 400 500 i > *> 150.1.4.4 31337 0 34 100 200 300 > 400 500 i On R2, I can still see routes that have traversed AS1000 !!!What > am I doing wrong?Please help.Thank you.Sincerely,CN > > ------------------------------------------------------------------------ > > Protect your PC - Click here for McAfee.com VirusScan Online Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=61598&t=61480 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
