I am running a 7206VXR for our main BGP box. We're colocated with
Level 3 (AS3356) and we have ethernet to them. We have T1s to UUNet
(AS701) and Teleglobe (AS6453).
I am running OSPF for my IGP and everything seems to be working well
there. I have a 7120 in my office that I am using for BGP experiments.
Besides what I show below it has a static route 0.0.0.0/0 to the outside
world.
When I run this config on the 7120 without the filter-list 2 I get a
full BGP table viewable via 'show ip bgp' and the routing table gets
populated with a bunch of BGP routes. When I turn on that filter-list
and do a clear ip bgp <addr> from the 7206 and the 7120 I see the
message counter going up on the 7120 in 'show ip bgp neighbor' but the
BGP table never has anything in it.
I chose to filter 3356 since the majority of the entries in the BGP
table on the 7206 come from there. It was my plan to trim the BGP
entries coming to an internal router down to the point where I could use
something smaller/slower (like a 2611 with 64 meg) for BGP experiments
and put the 7120 back to work.
The 7120 is a bit warped, however, take a look at this evil 'show
ver'
ROM: System Bootstrap, Version 12.0(5r)XE, RELEASE SOFTWARE (fc1)
BOOTFLASH: EGR Software (C7100-P-M), Experimental Version
12.0(20000110:181554) [otroan-thanksgiving-rel 196]
This is an IPv6 image based on 12.0. This isn't available on the web
site yet - I had to display some pretty solid groveling technique to get
it and it works fine for IPv6 stuff but its not so nice for IPv4.
Is this config valid? I've seen other weirdness with this image
related to IPv4 routing behavior besides this BGP stuff and I am really
wondering if its just the image and not my lack of skill that is causing
these BGP problems.
--- this is the 7120's relevant info ---
router bgp 12023
no synchronization
neighbor 209.58.21.253 remote-as 12023
neighbor 209.58.21.253 update-source Loopback0
neighbor 209.58.21.253 filter-list 2 in
no auto-summary
!
ip as-path access-list 1 permit ^$
ip as-path access-list 2 deny ^(_3356)
ip as-path access-list 2 permit ^$
--- and this is the 7206
router bgp 12023
no synchronization
network 209.58.21.0
neighbor 63.210.10.97 remote-as 3356
neighbor 63.210.10.97 description Level3 Peer
neighbor 63.210.10.97 filter-list 1 out
neighbor 157.130.20.69 remote-as 701
neighbor 157.130.20.69 description Order Number 17124
neighbor 157.130.20.69 filter-list 10 in
neighbor 157.130.20.69 filter-list 1 out
neighbor 207.45.199.189 remote-as 6453
neighbor 207.45.199.189 description Teleglobe Peer
neighbor 207.45.199.189 filter-list 11 in
neighbor 207.45.199.189 filter-list 1 out
neighbor 209.58.21.221 remote-as 12023
neighbor 209.58.21.221 update-source Loopback0
neighbor 209.58.21.221 filter-list 2 in
no auto-summary
!
--- I think this is a 'sink' so that any unallocated stuff from our
209.58.21.0/24 block
--- doesn't get looped back to the outside world ... or maybe its here
because BGP needs
--- IGP reachability before it'll advertise anything.
ip route 209.58.21.0 255.255.255.0 Null0 250
ip as-path access-list 1 permit ^$
ip as-path access-list 2 deny ^$
ip as-path access-list 10 permit ^(_701)+$
ip as-path access-list 10 deny ^(_701)+(_1239)+$
ip as-path access-list 10 deny ^(_701)+(_3561)+$
ip as-path access-list 10 deny ^(_701)+(_2041)+$
ip as-path access-list 10 deny ^(_701)+(_10753)+$
ip as-path access-list 10 deny ^(_701)+(_1)+$
ip as-path access-list 10 deny ^(_701)+(_6453)+$
ip as-path access-list 10 deny ^(_701)+(_6172)+$
ip as-path access-list 10 deny ^(_701)+(_3967)+$
ip as-path access-list 10 deny ^(_701)+(_2914)+$
ip as-path access-list 10 permit ^(_701)+_[0-9]+$
ip as-path access-list 11 permit ^(_6453)+$
ip as-path access-list 11 deny ^(_6453)+(_1239)+$
ip as-path access-list 11 deny ^(_6453)+(_3561)+$
ip as-path access-list 11 deny ^(_6453)+(_2041)+$
ip as-path access-list 11 deny ^(_6453)+(_10753)+$
ip as-path access-list 11 deny ^(_6453)+(_1)+$
ip as-path access-list 11 deny ^(_6453)+(_701)+$
ip as-path access-list 11 deny ^(_6453)+(_6172)+$
ip as-path access-list 11 deny ^(_6453)+(_3967)+$
ip as-path access-list 11 deny ^(_6453)+(_2914)+$
ip as-path access-list 11 permit ^(_6453)+_[0-9]+$
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
