Имеется cisco 3750, на ней поднят BGB.
Первый аплинк выдает нам только default gateway. Но тут появился второй провайдер, который льет full view => cisco умирает.
Пытаюсь отфильтровать, но все попытки безуспешны, cisco долго перезагружается в итоге люди минут по 20 сидят без интернета.
- Код: Выделить всё
router bgp XXXXX
no synchronization
bgp log-neighbor-changes
bgp deterministic-med
network xxx.xxx.xxx.xxx mask 255.255.248.0
neighbor yyy.yyy.yyy.yyy remote-as YYYYY
neighbor yyy.yyy.yyy.yyy description BGP-PEER-Y
neighbor yyy.yyy.yyy.yyy version 4
neighbor yyy.yyy.yyy.yyy send-community
neighbor yyy.yyy.yyy.yyy soft-reconfiguration inbound
neighbor yyy.yyy.yyy.yyy route-map map-ASYYYYY-in in
neighbor yyy.yyy.yyy.yyy route-map map-ASYYYYY-out out
neighbor zzz.zzz.zzz.zzz remote-as ZZZZZ
neighbor zzz.zzz.zzz.zzz description BGP-PEER-Z
neighbor zzz.zzz.zzz.zzz version 4
neighbor zzz.zzz.zzz.zzz send-community
neighbor zzz.zzz.zzz.zzz soft-reconfiguration inbound
neighbor zzz.zzz.zzz.zzz route-map map-ASZZZZZ-in in
neighbor zzz.zzz.zzz.zzz route-map map-ASZZZZZ-out out
distance bgp 180 200 200
no auto-summary
!
ip bgp-community new-format
ip as-path access-list 1 permit _6451[2-9]_
ip as-path access-list 1 permit _645[2-9][0-9]_
ip as-path access-list 1 permit _64[6-9][0-9][0-9]_
ip as-path access-list 1 permit _65[0-9][0-9][0-9]_
!
ip prefix-list bogons description bogus nets
ip prefix-list bogons seq 15 permit 0.0.0.0/8 le 32
ip prefix-list bogons seq 20 permit 127.0.0.0/8 le 32
ip prefix-list bogons seq 25 permit 192.0.2.0/24 le 32
ip prefix-list bogons seq 30 permit 10.0.0.0/8 le 32
ip prefix-list bogons seq 35 permit 172.16.0.0/12 le 32
ip prefix-list bogons seq 40 permit 192.168.0.0/16 le 32
ip prefix-list bogons seq 45 permit 169.254.0.0/16 le 32
ip prefix-list bogons seq 50 permit 192.42.172.0/24 le 32
ip prefix-list bogons seq 55 permit 198.18.0.0/15 le 32
ip prefix-list bogons seq 60 permit 192.88.99.0/24 le 32
ip prefix-list bogons seq 65 permit 224.0.0.0/4 le 32
ip prefix-list bogons seq 70 permit 240.0.0.0/4 le 32
!
ip prefix-list default description default route
ip prefix-list default seq 10 permit 0.0.0.0/0
!
route-map map-ASZZZZZ-out permit 100
description -- permit our prefixes
match ip address prefix-list list
!
route-map map-ASYYYYY-out permit 100
description -- permit our prefixes
match ip address prefix-list list
!
route-map map-ASYYYYY-in deny 100
description -- filter private ASs
match as-path 1
!
route-map map-ASYYYYY-in deny 110
description -- -- filter bogons
match ip address prefix-list bogons
!
route-map map-ASYYYYY-in permit 200
description -- permit any else, set default loc-pref, set community
set local-preference 100
set community XXXXX:YYYYY
!
route-map map-ASZZZZZ-in permit 10
match ip address prefix-list default
!
route-map map-ASZZZZZ-in deny 100
description -- filter private ASs
match as-path 1
!
route-map map-ASZZZZZ-in deny 110
description -- -- filter bogons
match ip address prefix-list bogons
!
route-map map-ASZZZZZ-in permit 200
description -- permit any else, set default loc-pref, set community
set local-preference 100
set community XXXXX:ZZZZZ
!
route-map map-ASZZZZZ-in deny 300
Требуется для пира Z порезать full-view. Не могу понять какое правило пропускает.