For example, if you are BGP peered with an ISP and you had a route-map to filter all the routes except the default route, the ISP is still sending you the whole internet routing table and your CPU is processing the entire internet table before filtering it down to the default route.
Consider this topology and let's see how we can efficiently perform BGP filtering and conserve our router's resource.
First we will implement BGP prefix-list filtering on R2 and then we will see how we can efficiently perform filtering using BGP ORF (Outbound Route Filtering).
As usual let's get our interfaces configured.
 |
| R2 interface configurations |
 |
| R3 interface configurations |
- Create a prefix list and specify which route you want to accept which in this case will be 3.3.3.3/32.
- Create a new instance of BGP.
- Create the neighbor statements and attach the prefix-list in the inbound direction.
- Create a new instance of BGP.
- Redistribute connected so all the loopback addresses make it into the BGP table.
Now let's verify everything.
- 'Show ip bgp' shows the routes that are in the BGP table.
- 'show ip bgp neighbor 1.1.1.1 advertised-routes' shows you all the routes that are advertised to the neighbor. As you can see all the loopbacks are advertised to R2.
Now let's take a look at R2 routing table.
- As you can see with received-routes you are receiving everything from ISPA.
- 'show ip bgp' reveals that the prefix-list which is applied on the "inbound direction" is taking effect and the only route that ends up in the routing table is the 3.3.3.3/32 as expected.
- This is not very efficient since the router has to process everything (all the routes) that it got from ISPA and then filter accordingly.
- In order to configure BGP Outbound Route Filtering type 'neighbor 1.1.1.2 capability orf prefix-list send' under the BGP Configuration. This sends the prefix-list you have configured for this neighbor upstream.
- You can verifiy this operation by 'show ip bgp neighbor 1.1.1.2'. Notice that the send-mode is advertised upstream.
- At this point we are only 50% done, we need to configure ISPA to accept R2 prefix-list that is being sent.
- 'neighbor 1.1.1.1 capability orf prefix-list receive' allows ISPA to honor the prefix-list being received from R2.
- Notice that 'show ip bgp' shows all the routes in the BGP Table. However, the only route being advertised to R2 is just 3.3.3.3/32 which is what the prefix-list on R2 accepts.
- Notice that received-mode is advertised and send-mode is received from R2 as configured.
- Notice that the # of prefix sent are only one according to the prefix-list being received.
- Notice that 3 prefix's are being denied due to the prefix-list.
As you can see once we configure ORF (Outbound Route Filtering) on R2 and ISPA, ISPA stop sending the whole BGP Table and only sends what R2 is requesting. This way ISPs do not have to worry about customer requests and customers do not have to depend on ISPs to advertise or make changes to the advertisements. It is dynamically controlled by the customer. In addition, BGP Route filtering is accomplished much more efficiently than just a prefix-list applied in the inbound direction.
Many more articles to come so please stay tuned.
If you like my posts please subscribe/comments/+1.
Thank you.
No comments:
Post a Comment