Filter
Top Products
BGP: Configuring Distribute Filters
Page 12 | Use Route Maps and Other Filters to Filter and Alter BGP and OSPF Routes
Using ACLs as filters
When you have created an ACL, you can use it to filter incoming or outgoing update
messages for a particular BGP peer, by using the following commands in BGP router mode
for the AS.
Filter incoming updates (received from a particular neighbor):
Filter outgoing updates (destined for a particular neighbor):
The switch will then compare the prefixes in update packets with each entry in the ACL,
looking for matches.
If a matching entry has the parameter permit, then there will be effectively no action. If a
matching entry has the parameter deny, then the specified prefix will be removed from the
update packet.
Once the update packet has been compared against every entry in the ACL, it will be sent to
the neighbor (out filters) or processed (in filters), minus any prefixes that have been removed
by the filter.
Example: Distribute filters
Filter out one particular route from a neighbor
This example expands on the basic configuration in "BGP: Example" on page 8.
It creates an ACL on the AlliedWare Plus switch that explicitly denies one of the routes that
is advertised from the AW neighbor, and explicitly accepts all other routes.
awplus(config-router)#
neighbor <neighbor> distribute-list
<acl-id> in
awplus(config-router)#
neighbor <neighbor> distribute-list
<acl-id> out
1. Create a named ACL to deny the route 52.0.0.0/8 and accept all others. You need
to include a permit any entry because ACLs end in an implicit deny any entry.
awplus(config)#
access-list standard list1 deny 52.0.0.0/8 exact
awplus(config)#
access-list standard list1 permit any
2. Set that ACL as the filter for the BGP neighbor 45.45.45.46.
awplus(config)#
router bgp 34567
awplus(config-router)#
neighbor 45.45.45.46 distribute-list list1 in