Hi, On Thu, Oct 20, 2011 at 07:13:50PM +0400, Andrey Koklin wrote: > ip as-path access-list 100 permit ^$ > ip as-path access-list 101 permit _21017_ > ip as-path access-list 102 permit _21017_21017_
This...
> route-map TO_VPN_CTK permit 10
> match ip address prefix-list TO_VPN_CTK
> match as-path 100
... together with this will only permit AS-paths matched by ACL 100,
which is "^$" = "your local AS".
So this AS path ACL will never permit anything learned from eBGP.
Maybe this should have been
ip as-path access-list 100 permit ^$
ip as-path access-list 100 permit _21017_
ip as-path access-list 100 permit _21017_21017_
("100" in all 3 lines)
> I've just tried to remove filters. The router started to advertise all
> but the needed prefixes, like 10.36.72.32/27...
See above: the as-path filter is borked.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-35655025 [email protected]
pgpeqFeIfp1x8.pgp
Description: PGP signature
_______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
