OpenBGP Filter - Selectively Announcing by Peer.

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

OpenBGP Filter - Selectively Announcing by Peer.

Eduardo Meyer
Hello,

I want to selectively announce what I get from my peers (whom I am
transit for) for a certain upstream peer. I decided to use community
to do so, like that:

# Add what I get from my transit peers to communyt $myasn:1010
match from $peer_t1 set community $myasn:1010
match from $peer_t2 set community $myasn:1010

# Selectively announce it to by upstream peer number 2
deny to $peer_up2
allow to $peer_up2 community $myasn:1010

But it did not work.

I dont want to manually declare the networks I get, and my upstream
wont allow me to "announce all".

What is wrong with the above OpenBGP rules?

--
===========
Eduardo Meyer
pessoal: [hidden email]
profissional: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: OpenBGP Filter - Selectively Announcing by Peer.

Claudio Jeker
On Mon, Oct 04, 2010 at 02:20:55PM -0300, Eduardo Meyer wrote:

> Hello,
>
> I want to selectively announce what I get from my peers (whom I am
> transit for) for a certain upstream peer. I decided to use community
> to do so, like that:
>
> # Add what I get from my transit peers to communyt $myasn:1010
> match from $peer_t1 set community $myasn:1010
> match from $peer_t2 set community $myasn:1010
>
> # Selectively announce it to by upstream peer number 2
> deny to $peer_up2
> allow to $peer_up2 community $myasn:1010
>
> But it did not work.
>
> I dont want to manually declare the networks I get, and my upstream
> wont allow me to "announce all".
>
> What is wrong with the above OpenBGP rules?
>

You need to set the announce type to "all" which means process all entries
in the RIB with the outbound filterset. Announce "self" which is the
default for eBGP sessions will block all non empty as pathes before
passing the prefix to the outbound filtering. As soon as you do tranist
you need "announce all" plus correct filters.

--
:wq Claudio

Reply | Threaded
Open this post in threaded view
|

Re: OpenBGP Filter - Selectively Announcing by Peer.

Eduardo Meyer
On Mon, Oct 4, 2010 at 6:12 PM, Claudio Jeker <[hidden email]> wrote:

> On Mon, Oct 04, 2010 at 02:20:55PM -0300, Eduardo Meyer wrote:
>> Hello,
>>
>> I want to selectively announce what I get from my peers (whom I am
>> transit for) for a certain upstream peer. I decided to use community
>> to do so, like that:
>>
>> # Add what I get from my transit peers to communyt $myasn:1010
>> match from $peer_t1 set community $myasn:1010
>> match from $peer_t2 set community $myasn:1010
>>
>> # Selectively announce it to by upstream peer number 2
>> deny to $peer_up2
>> allow to $peer_up2 community $myasn:1010
>>
>> But it did not work.
>>
>> I dont want to manually declare the networks I get, and my upstream
>> wont allow me to "announce all".
>>
>> What is wrong with the above OpenBGP rules?
>>
>
> You need to set the announce type to "all" which means process all entries
> in the RIB with the outbound filterset. Announce "self" which is the
> default for eBGP sessions will block all non empty as pathes before
> passing the prefix to the outbound filtering. As soon as you do tranist
> you need "announce all" plus correct filters.

Hello Jeker,

I am "announcing al" already.

Please enlighten ment, when I do a

bgpctl sh rib out nei <description>

The prefixes I see are the ones the peer *accepted* from me or the
ones I am actually announcing, no matter if the peer accepts or not?

Because I "announce all" and later, filter by community, and the
abouve "sh rib out nei <d>" shows empty.

Thanks again.

>
> --
> :wq Claudio
>
>



--
===========
Eduardo Meyer
pessoal: [hidden email]
profissional: [hidden email]