Date created: Tuesday, April 7, 2015 2:13:05 PM. Last modified: Thursday, November 22, 2018 10:55:47 AM

Inter-AS MPLS Option B Prefix-Filtering (IOS)

Filter all updates inside VRF "cust3" from R2 to R1 over the VPNv4 peering by filtering the route-target.

Filter a specific prefix within VRF "cust2" from R2 to R1 over the VPNv4 peering by matching the specific export route-target and prefix-list.

R2

ip vrf cust1
 rd 65001:200
 route-target export 65001:100
 route-target import 65001:100

ip vrf cust2
 rd 65002:200
 route-target export 65002:200
 route-target export 65002:100
 route-target import 65002:200
 route-target import 65002:100

ip vrf cust3
 rd 65003:200
 route-target export 65003:200
 route-target import 65003:200

interface Loopback65001
 ip vrf forwarding cust1
 ip address 10.0.1.2 255.255.255.255

interface Loopback65002
 ip vrf forwarding cust2
 ip address 10.0.2.2 255.255.255.255

interface Loopback65003
 ip vrf forwarding cust3
 ip address 10.0.3.2 255.255.255.255

interface Loopback65022
 ip vrf forwarding cust2
 ip address 10.0.2.3 255.255.255.255

interface FastEthernet0/0
 ip address 192.0.2.2 255.255.255.252
 mpls bgp forwarding


router bgp 64999
 bgp router-id 192.0.2.2
 bgp log-neighbor-changes
 neighbor 192.0.2.1 remote-as 65000
 !
 address-family ipv4
  neighbor 192.0.2.1 activate
  neighbor 192.0.2.1 send-community
  neighbor 192.0.2.1 next-hop-self
 exit-address-family
 !
 address-family vpnv4
  neighbor 192.0.2.1 activate
  neighbor 192.0.2.1 send-community extended
  neighbor 192.0.2.1 next-hop-self
  neighbor 192.0.2.1 route-map FILTER-VPNV4-OUT out
 exit-address-family
 
 address-family rtfilter unicast
  neighbor 192.0.2.1 activate
  neighbor 192.0.2.1 send-community extended
 exit-address-family
 
 address-family ipv4 vrf cust1
  redistribute connected
 exit-address-family
 
 address-family ipv4 vrf cust2
  redistribute connected
 exit-address-family
 
 address-family ipv4 vrf cust3
  redistribute connected
 exit-address-family

ip extcommunity-list expanded eBGP-VPNv4-FILTER-EXTCOMM permit RT:65003:*
ip extcommunity-list expanded eBGP-VPNv4-FILTER-EXTCOMM-2 permit RT:65002:100
ip bgp-community new-format

ip prefix-list CUST2-DENY-PL seq 10 permit 10.0.2.3/32

route-map FILTER-VPNV4-OUT deny 10
 match extcommunity eBGP-VPNv4-FILTER-EXTCOMM

route-map FILTER-VPNV4-OUT deny 20
 match ip address prefix-list CUST2-DENY-PL
 match extcommunity eBGP-VPNv4-FILTER-EXTCOMM-2

route-map FILTER-VPNV4-OUT permit 30

R1

ip vrf cust1
 rd 65001:100
 route-target export 65001:100
 route-target import 65001:100

ip vrf cust2
 rd 65002:100
 route-target export 65002:100
 route-target import 65002:100

ip vrf cust3
 rd 65003:100
 route-target export 65003:100
 route-target import 65003:100


interface Loopback65001
 ip vrf forwarding cust1
 ip address 10.0.1.1 255.255.255.255

interface Loopback65002
 ip vrf forwarding cust2
 ip address 10.0.2.1 255.255.255.255

interface FastEthernet0/0
 ip address 192.0.2.1 255.255.255.252
 mpls bgp forwarding


router bgp 65000
 bgp router-id 192.0.2.1
 bgp log-neighbor-changes
 neighbor 192.0.2.2 remote-as 64999
 
 address-family ipv4
  neighbor 192.0.2.2 activate
  neighbor 192.0.2.2 send-community
  neighbor 192.0.2.2 next-hop-self
 exit-address-family
 
 address-family vpnv4
  neighbor 192.0.2.2 activate
  neighbor 192.0.2.2 send-community extended
  neighbor 192.0.2.2 next-hop-self
 exit-address-family
 
 address-family rtfilter unicast
  neighbor 192.0.2.2 activate
  neighbor 192.0.2.2 send-community extended
 exit-address-family
 
 address-family ipv4 vrf cust1
  redistribute connected
 exit-address-family
 
 address-family ipv4 vrf cust2
  redistribute connected
 exit-address-family

^ Top

Previous page: Destination RTBH
Next page: Inter-AS MPLS Option B Prefix-Filtering (IOS-XR)