Differences
This shows you the differences between two versions of the page.
cisco:bgp [2008/07/06 12:49] a Extracting BGP info with regular expressions |
cisco:bgp [2009/05/25 00:35] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Cisco BGP ====== | ||
- | see also: **[[: | ||
- | |||
- | ---- | ||
- | commands: | ||
- | |||
- | //closes bgp sessions// | ||
- | clear ip bgp * | ||
- | [[http:// | ||
- | |||
- | **Please write more coments on configurations!!** | ||
- | |||
- | router bgp 15393 | ||
- | no synchronization | ||
- | bgp dampening | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | ! | ||
- | ! as-path filter to catch peers announcements | ||
- | no ip as-path access-list 100 | ||
- | ip as-path access-list 100 permit _(65502)$ | ||
- | ! acl to catch adverts for peers address space | ||
- | no access-list 100 | ||
- | access-list 100 permit ip 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 | ||
- | |||
- | ! acl to catch adverts for sub-aggregates of own address space | ||
- | no access-list 199 | ||
- | access-list 199 permit ip X.X.X.0 0.0.31.255 255.255.240.0 0.0.15.255 | ||
- | ! acl to catch adverts for own address space | ||
- | no access-list 97 | ||
- | access-list 97 permit X.X.X.0 0.0.31.255 | ||
- | |||
- | ! acl to catch adverts for bogus address space | ||
- | no access-list 98 | ||
- | access-list 98 permit 10.0.0.0 0.255.255.255 | ||
- | access-list 98 permit 172.16.0.0 0.15.255.255 | ||
- | access-list 98 permit 192.168.0.0 0.0.255.255 | ||
- | access-list 98 permit 0.0.0.0 0.255.255.255 | ||
- | access-list 98 permit 127.0.0.0 0.255.255.255 | ||
- | access-list 98 permit 128.0.0.0 0.0.255.255 | ||
- | access-list 98 permit 191.255.0.0 0.0.255.255 | ||
- | access-list 98 permit 192.0.0.0 0.0.0.255 | ||
- | access-list 98 permit 223.255.255.0 0.0.0.255 | ||
- | access-list 98 permit 224.0.0.0 15.255.255.255 | ||
- | |||
- | ! acl to catch adverts for default route | ||
- | no access-list 99 | ||
- | access-list 99 permit 0.0.0.0 0.0.0.0 | ||
- | route-map customer-rm deny 10 | ||
- | match ip address 97 98 99 | ||
- | |||
- | route-map customer-rm permit 20 | ||
- | set local-preference 150 | ||
- | |||
- | route-map standardout deny 10 | ||
- | match ip address 98 99 199 | ||
- | route-map standardout permit 20 | ||
- | |||
- | |||
- | ===== Preventing AS from becoming Transit AS ===== | ||
- | |||
- | To prevent your AS from becoming a Transit AS, use following startegy | ||
- | Create a route map say '' | ||
- | |||
- | | ||
- | match as-path 1 | ||
- | |||
- | In config mode, use following command | ||
- | |||
- | ip as-path access-list 1 deny ^$ | ||
- | |||
- | This command will only allow routes with origin code “'' | ||
- | Apply the above route-map | ||
- | |||
- | | ||
- | | ||
- | |||
- | Only routes with origin code” i” will enter your AS. | ||
- | |||
- | ===== AS-path prepending ===== | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | ! | ||
- | route-map prepend permit 10 | ||
- | set as-path prepend 65001 65001 65001 | ||
- | |||
- | ===== Extracting BGP info with regular expressions ===== | ||
- | |||
- | To find all subnets originating from AS 100 (AS path ends with 100): \\ | ||
- | \\ | ||
- | '' | ||
- | ... | ||
- | Network | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | ... | ||
- | |||
- | To find all subnets reachable via AS 100 (AS path begins with 100):\\ | ||
- | \\ | ||
- | **'' | ||
- | ... | ||
- | Network | ||
- | *> 10.1.0.0/ | ||
- | | ||
- | | ||
- | *> 172.16.0.8/ | ||
- | ... | ||
- | |||
- | To find all routes traversing AS 100:\\ | ||
- | \\ | ||
- | **'' | ||
- | ... | ||
- | Network | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | ... | ||
- | |||
- | If you need to further filter the output, use quote-regexp instead. For example, to find all 172.x.x.x routes originating from AS 100: \\ | ||
- | \\ | ||
- | '' | ||
- | ... | ||
- | * 172.16.0.0/ | ||
- | * 172.31.0.1/ | ||
- | |||
- | Or, to find all subnets currently being reached via AS 100: \\ | ||
- | |||
- | **'' | ||
- | ... | ||
- | *> 10.1.0.0/ | ||
- | *> 172.16.0.8/ | ||
- | *> 172.31.0.1/ | ||
- | |||
- | |||
- | |||