Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
cisco:bgp [2006/05/28 22:44] a |
cisco:bgp [2009/05/25 00:35] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Cisco BGP ====== | ====== Cisco BGP ====== | ||
- | see also: **[[: | + | see also: **[[: |
---- | ---- | ||
Line 61: | Line 61: | ||
match ip address 98 99 199 | match ip address 98 99 199 | ||
route-map standardout permit 20 | route-map standardout permit 20 | ||
+ | |||
+ | |||
+ | ===== Useful commands ===== | ||
+ | FIXME - styling (and more detailed) | ||
+ | |||
+ | | ||
+ | |||
+ | and | ||
+ | |||
+ | | ||
+ | |||
+ | and | ||
+ | |||
+ | | ||
+ | |||
+ | ===== Preventing AS from becoming Transit AS ===== | ||
+ | |||
+ | To prevent your AS from becoming a Transit AS, use following startegy | ||
+ | Create a route map say '' | ||
+ | |||
+ | | ||
+ | match as-path 1 | ||
+ | |||
+ | In config mode, use following command | ||
+ | |||
+ | ip as-path access-list 1 deny ^$ | ||
+ | |||
+ | This command will only allow routes with origin code “'' | ||
+ | Apply the above route-map | ||
+ | |||
+ | | ||
+ | | ||
+ | |||
+ | Only routes with origin code” i” will enter your AS. | ||
+ | |||
+ | ===== AS-path prepending ===== | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | ! | ||
+ | route-map prepend permit 10 | ||
+ | set as-path prepend 65001 65001 65001 | ||
+ | |||
+ | |||
+ | ===== Extracting BGP info with regular expressions ===== | ||
+ | |||
+ | **Short version:** | ||
+ | show ip bgp regexp [AS]$ - list all network paths with that AS | ||
+ | show ip bgp regexp _AS_ - match any route going through AS | ||
+ | show ip bgp regexp _AS AS_ - match any route passed through AS and AS | ||
+ | show ip bgp regexp _AS$ - match only routes originated in this AS | ||
+ | |||
+ | To find all subnets originating from AS 100 (AS path ends with 100): \\ | ||
+ | \\ | ||
+ | '' | ||
+ | ... | ||
+ | Network | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | ... | ||
+ | |||
+ | To find all subnets reachable via AS 100 (AS path begins with 100):\\ | ||
+ | \\ | ||
+ | **'' | ||
+ | ... | ||
+ | Network | ||
+ | *> 10.1.0.0/ | ||
+ | | ||
+ | | ||
+ | *> 172.16.0.8/ | ||
+ | ... | ||
+ | |||
+ | To find all routes traversing AS 100:\\ | ||
+ | \\ | ||
+ | **'' | ||
+ | ... | ||
+ | Network | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | ... | ||
+ | |||
+ | If you need to further filter the output, use quote-regexp instead. For example, to find all 172.x.x.x routes originating from AS 100: \\ | ||
+ | \\ | ||
+ | '' | ||
+ | ... | ||
+ | * 172.16.0.0/ | ||
+ | * 172.31.0.1/ | ||
+ | |||
+ | Or, to find all subnets currently being reached via AS 100: \\ | ||
+ | |||
+ | **'' | ||
+ | ... | ||
+ | *> 10.1.0.0/ | ||
+ | *> 172.16.0.8/ | ||
+ | *> 172.31.0.1/ | ||
+ | |||
+ | |||
+ | |||
+ |