CCNP Routing Study Guide- P13

CCNP Routing Study Guide- P13:T his book is intended to help you continue on your exciting new path toward obtaining your CCNP and CCIE certification. Before reading this book, it is important to have at least read the Sybex CCNA: Cisco Certified Network Associate Study Guide, Second Edition. You can take the CCNP tests in any order, but you should have passed the CCNA exam before pursuing your CCNP.
Nội dung trích xuất từ tài liệu:
CCNP Routing Study Guide- P13 324 Chapter 9 BGP Scalability and Advanced Features neighbor 172.16.65.10 filter-list 1 out neighbor 172.16.65.11 remote-as 300 neighbor 172.16.65.11 filter-list 11 in neighbor 172.16.65.11 filter-list 1 out ! ! ip as-path access-list 1 permit ^200$ ip as-path access-list 10 permit ^100$ ip as-path access-list 11 permit ^300$ ! ! To implement filters, use the neighbor command. Using the AS path syn- tax, you can configure filters to block routes that contain the AS path infor- mation that does not match the regular expression. The output above shows access list 1 allowing only routes that originate from AS 200 to be sent to the respective neighbors. Access lists 10 and 11 above allow only routes that do not originate within AS 100 and AS 300 to be sent. Creating BGP Policies W e use policies with BGP to tell other BGP neighbors the paths through our own network. By not advertising certain routes through our net- work, we keep other networks from learning about them; it is difficult to route a packet through a network you don’t know about. We can modify routes that we wish to advertise using both prefix lists and distribute lists. Distribute lists use access lists to control the routes advertised by a routing protocol. A prefix list is similar to an access list but is more flexible and less complicated to configure than an access list. Distribute Lists Distribute lists are standard or extended access lists applied to a router’s BGP session to permit or deny advertised routes through the network. Distribute lists can be applied to filter BGP advertisements either coming in or going out Copyright ©2001 SYBEX , Inc., Alameda, CA www.sybex.com Creating BGP Policies 325 of the router. Let’s look at an example of an access list that allows routes from network 172.16.0.0. RouterA(config)#access-list 105 permit ip 172.16.0.0 0.0.255.255 host 255.255.0.0 There is always an implicit deny all at the end of the access list that can’t be seen. We’re permitting only network 172.16.0.0 in this access list. How- ever, although the access list has been created, we need to filter all of the BGP traffic coming in. Let’s take a look at how to do this: RouterA(config)#router bgp 31400 RouterA(config-router)#neighbor 172.16.11.254 remote-as 31400 RouterA(config-router)#neighbor 172.16.12.254 remote-as 31400 RouterA(config-router)#neighbor 172.16.11.254 distribute- list 105 in Prefix Lists Prefix lists are actually new and have been added to version 12.0 and later of the Cisco IOS. You can use a prefix list as an alternative to the access lists used in many of the BGP route-filtering commands. There are many advan- tages to using prefix lists. Prefix lists don’t tax the processor as much as access lists, which can improve the router’s performance. With a prefix list, you need to make configuration modifications to each router, but you can do this incrementally just as you can with route reflec- tors. This means that you can implement prefix lists on just a few routers in your network at a time instead of all at once. The biggest advantage of prefix lists over distribute lists is that prefix lists have much greater flexibility and are considerably easier to configure. If you make a mistake with an access list, you must start over because access lists are read in the order you type them in, making them hard to modify. Prefix lists allow you to add and delete lines without starting over. Prefix lists use the same line-by-line read rule as access lists, which says that as soon as I have a match in my list to the data I receive, I start process- ing. You need to also remember that, just as in access lists, the same implicit Copyright ©2001 SYBEX , Inc., Alameda, CA www.sybex.com 326 Chapter 9 BGP Scalability and Advanced Features deny all still exists at the bottom of the list for the data that does not have a match in our prefix list. However, if there are no lines in our prefix list, instead of an implicit deny all, there is an implicit permit any. The rule to remember when using prefix lists is that if a prefix is permitted, the route is advertised; if a prefix is denied, the route is not advertised. One improvement from access lists is the use of sequence numbers for each statement in the prefix list. The statement with the smallest sequence numbers is read first. This also allows us to modify a sequence statement without ...