You guys are absolutely right!! I had to filter inbound NOT outbound.....Big difference!!
This route-map matched all routes that traversed AS1000 and set the community to no-export and thus they were not advertised out of AS34. Thank you so much for all your help, guys. Sincerely, CN >From: "Darrell Newcomb" >Reply-To: "Darrell Newcomb" >To: [EMAIL PROTECTED] >Subject: Re: route-map no-export - not working!! [7:61480] >Date: Wed, 22 Jan 2003 18:32:44 GMT > >Xueyan's comments about changing permit and deny's would work. > >But I think the big thing you are missing here is you're tagging something >no-export on the way out of AS34. That will pass the route to the >neighboring AS and then they shouldn't pass it on to their neighboring AS's. >If you wanted to use no-export to prevent AS34 from leaking these routes >then you should tag them as such on the way into the AS. > >Or as Xueyan's comments say deny the routes in your route-map/acl's on the >way out. > >Also given the nature of what you want to filter(routes through AS1000, but >not filter routes originating from AS1000) you'll need to alter the as-path >acl. Then again I may be mis-understanding the goals on this part and you >really don't want routes from or through AS1000. > >Darrell >http://www.netswitch.net > > >""Cisco Nuts"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Hello,I am trying to block any routes that have traversed AS1000 from > > being advertised beyond AS34 but am having no luck.R4 is learning a bunch > > of routes from AS100 and the config is on R4 which in in AS34R4#route-map > > comm_out permit 10 > > match as-path 99 > > set community no-export > > ! > > route-map comm_out permit 20 > > match ip address 96 > > set metric 31337 > > ! > > route-map comm_out permit 30!ip as-path access-list 99 permit _1000_! On > > the peer routers:R2#bt > > BGP table version is 203, local router ID is 220.1.3.1 > > Status codes: s suppressed, d damped, h history, * valid, > best, i - > > internal > > Origin codes: i - IGP, e - EGP, ? - incomplete Network Next > > Hop Metric LocPrf Weight Path > > *> 100.0.0.0/24 150.1.4.4 0 34 100 200 300 > > 1000 400 500 i > > * 100.1.0.0/24 150.1.12.1 0 1 34 100 200 > > 300 400 500 i > > *> 150.1.4.4 0 34 100 200 300 > > 400 500 i > > *> 100.2.0.0/24 150.1.4.4 0 34 100 200 300 > > 1000 400 500 i > > * 100.3.0.0/24 150.1.12.1 0 1 34 100 200 > > 300 400 500 i > > *> 150.1.4.4 0 34 100 200 300 > > 400 500 i > > * 110.110.110.0/24 150.1.12.1 0 1 34 100 200 > > 300 400 500 i > > *> 150.1.4.4 0 34 100 200 300 > > 400 500 i > > * 111.111.111.0/24 150.1.12.1 0 1 34 100 200 > > 300 400 500 i > > *> 150.1.4.4 31337 0 34 100 200 300 > > 400 500 i > > * 112.112.112.0/24 150.1.12.1 0 1 34 100 200 > > 300 400 500 i > > *> 150.1.4.4 0 34 100 200 300 > > 400 500 i > > * 113.113.113.0/24 150.1.12.1 0 1 34 100 200 > > 300 400 500 i > > *> 150.1.4.4 31337 0 34 100 200 300 > > 400 500 i On R2, I can still see routes that have traversed AS1000 !!!What > > am I doing wrong?Please help.Thank you.Sincerely,CN > > > > ------------------------------------------------------------------------ > > > > Protect your PC - Click here for McAfee.com VirusScan Online > > misconduct and Nondisclosure violations to [EMAIL PROTECTED] ------------------------------------------------------------------------ MSN 8 with e-mail virus protection service: 2 months FREE* Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=61600&t=61480 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
