Did some tests on the NON-EXIST-MAP with 12.2SRC. I was spreading wrong rumors, time to fix them:
* The route-map checks the routes in the BGP table (_not_ in the IP routing table). Dale was right. * It can take a while for the routes to be advertised/withdrawn; the non-exist-map is checked only at the BGP scan intervals (60 seconds by default, can be adjusted). * You can use a combination of an access-list and AS-path access-list in the route-map. The handling of standard access-lists used in the "match ip address" route-map condition is a bit weird, though: * "permit any" does _NOT_ work. * "permit prefix 0.0.0.0" (which gets translated into "permit prefix" in standard ACL) does _NOT_ work. * fancy wildcard tests (for example "permit 0.0.0.0 127.255.255.255) do _NOT_ work It looks like: * the IP prefix in the BGP table must match the address in the ACL exactly (wildcard bits are ignored). * ... but you still need the wildcard bits (inverted netmask) for the match to work. For example: if you want to match 10.8.8.0/24, you have to use "permit 10.8.8.0 0.0.0.255". "permit 10.8.8.0" or "permit 10.8.0.0 0.0.255.255" do _NOT_ work. Left to do: tests with the ip prefix-list instead of IP access list (and no, I will NOT test extended ACL :). Hope this helps Ivan > -----Original Message----- > From: Dale Shaw [mailto:[email protected]] > Sent: Sunday, March 15, 2009 11:33 PM > To: Burak Dikici > Cc: [email protected] > Subject: Re: [c-nsp] BGP conditional advertisemet - NON-EXIST > route map'saccess-list problem > > Hi Burak, > > On Mon, Mar 16, 2009 at 12:06 AM, Burak Dikici > <[email protected]> wrote: > > i am trying to use > > BGP conditional advertisemet configuration. I have got a > problem with > > NON-EXIST route map's access-list. In the NON-EXIST router map i am > > using the commands which is written below ; > > Here are some notes I made recently when playing with BGP > conditional advertising. I hope it helps. > > 1.) prefixes matched in advertise-map and exist/non-exist map > must exist (or not) in the *BGP* table > however: they do not need to be locally originated (e.g. R1 > can match routes received from R2 and advertise (or not) to R3 > and: the validity of the prefix in the BGP table (i.e. > RIB-failure) doesn't matter. if there's there, and using > exist-map, the condition is met. > > 2.) when using 'exist' map, prefixes matched by advertise-map > are advertised when exist-map condition is met > example: advertise 1.0.0.0/8 (advertise-map) from BGP table when > 3.20.20.0/24 (exist-map) exists in BGP table > > 3.) when exist 'non-exist' map, prefixes matched by > advertise-map are advertised when non-exist-map condition is met > example: advertise 1.0.0.0/8 (advertise-map) from BGP table when > 3.20.20.0/24 (non-exist-map) does NOT exist in BGP table > > 4.) prefixes matched in advertise-map are the only prefixes > affected -- other prefixes that may exist are advertised (or > not) as normal > > 5.) when dealing with conditional advertisement tasks, always > consider what will happen normally (without any config) > > I'd be happy to be corrected, but I think the first point is > contrary to what Ivan said. Also consider point #4 -- BGP > conditional advertising is not strictly a route filtering > mechanism, although it can be configured to achieve similar results. > > cheers, > Dale > > _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
