Saturday, October 18, 2014

Lab 19 - Bestpath Selection - Filter by ASPath length

The BGP maxas-limit command is used to limit the maximum number of ASPath segments received from a BGP neighbor. This feature can provide protection and filtering opportunities based on the ASPath length. Today's lab focuses on this specific feature and how to use it to filter inbound ASPath segments based on ASPath length.

Concepts tested
  • Filter inbound ASPATH segments based on length
  • Configuring basic BGP peering
Topology












GNS3 configuration file, requires IOS v15 for the 7200 router: Link


Solution


R1 Configuration

R1(config)#router bgp 65001
R1(config-router)#neighbor 65.1.0.2 remote-as 65002
R1(config-router)#address-family ipv4 unicast
R1(config-router-af)#neighbor 65.1.0.2 activate
R1(config-router-af)#bgp maxas-limit 2

R1 Verification

Once you configure your neighbor statement and the peering comes up you should see the following:

%BGP-5-ADJCHANGE: neighbor 65.1.0.2 Up

R1#sh ip bgp | b Network
     Network          Next Hop            Metric LocPrf Weight Path
 *>  160.150.1.0/24   65.1.0.2                 0             0 65002 i
 *>  160.151.1.0/24   65.1.0.2                 0             0 65002 65123 i
 *>  160.152.1.0/24   65.1.0.2                 0             0 65002 65123 65223 i
 *>  160.153.1.0/24   65.1.0.2                 0             0 65002 65123 65223 i

Now, based on the ASPATH information above, we can filter any prefixes from AS65223 simply by limiting the ASPath length using the command bgp maxas-limit #.

With that command configured, once we clear our peering session we should see the following:

R1#clear bgp ipv4 unicast * soft

%BGP-6-ASPATH: Long AS path 65002 65123 65223 received from 65.1.0.2: BGP(0) Prefixes: 160.152.1.0/24 160.153.1.0/24

R1#sh ip bgp | b Network
     Network          Next Hop            Metric LocPrf Weight Path
 *>  160.150.1.0/24   65.1.0.2                 0             0 65002 i
 *>  160.151.1.0/24   65.1.0.2                 0             0 65002 65123 i
R1#

Now we only see the prefixes we want to see, and that is it for this lab.
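As an added example (not part of the original lab), the Python below parses the %BGP-6-ASPATH message shown above and reconciles it with the pre-filter table, which is useful when these messages are collected centrally and you want to confirm the limit dropped exactly what you expected. The function names and the ROUTES/LOG constants are assumptions for illustration; their values are transcribed from the lab output, and the parser assumes a plain sequence of AS numbers in the path.

```python
import re

# Message format taken from the %BGP-6-ASPATH line in the lab output.
LONG_PATH = re.compile(
    r"%BGP-6-ASPATH: Long AS path (?P<path>[\d ]+?) received from "
    r"(?P<peer>\S+): BGP\(\d+\) Prefixes: (?P<prefixes>.+)$")

# prefix -> AS path, transcribed from the lab's first "sh ip bgp" output.
ROUTES = {
    "160.150.1.0/24": [65002],
    "160.151.1.0/24": [65002, 65123],
    "160.152.1.0/24": [65002, 65123, 65223],
    "160.153.1.0/24": [65002, 65123, 65223],
}
# Log lines copied from the lab session.
LOG = [
    "%BGP-5-ADJCHANGE: neighbor 65.1.0.2 Up",
    "%BGP-6-ASPATH: Long AS path 65002 65123 65223 received from "
    "65.1.0.2: BGP(0) Prefixes: 160.152.1.0/24 160.153.1.0/24",
]

def parse_long_aspath(line):
    """Return peer, AS path and discarded prefixes, or None for other lines."""
    m = LONG_PATH.search(line)
    if not m:
        return None
    return {"peer": m["peer"],
            "as_path": [int(asn) for asn in m["path"].split()],
            "prefixes": m["prefixes"].split()}

def apply_maxas_limit(routes, limit):
    """Split routes into (kept, dropped): dropped paths exceed `limit` ASNs."""
    kept = {p: path for p, path in routes.items() if len(path) <= limit}
    return kept, sorted(set(routes) - set(kept))

def reconcile(routes, limit, log_lines):
    """Return (expected drops not logged, logged drops not expected)."""
    expected = set(apply_maxas_limit(routes, limit)[1])
    logged = set()
    for line in log_lines:
        event = parse_long_aspath(line)
        if event:
            logged.update(event["prefixes"])
    return sorted(expected - logged), sorted(logged - expected)

if __name__ == "__main__":
    print(apply_maxas_limit(ROUTES, 2))
    print(reconcile(ROUTES, 2, LOG))
```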




