Overview

It is possible to filter when advertising and receiving route information to and from a specified neighbor with BGP. “How to identify the route information” is important in route filtering with BGP.

This section describes the different types of BGP route filters.

BGP Route Filter Types

To filter route information sent to and received from a specified neighbor with BGP, the following methods are available.

  • distribute-list
  • prefix-list
  • filter-list
  • route-map

The route map can add or change path attributes as well as simple filters.

Route Filter Points

There are two important points in the route filter.

  1. Specifying the route to be filtered
  2. Timing to filter

In the case of BGP, the important thing is “how to identify route information” because the timing of filtering is fixed by sending/receiving with the neighbor. In the following sections, focusing on “how to identify route information,” each filtering method will be explained.

Specifying the route to be filtered

distribute-list

The distribution-list specifies the BGP route information to be filtered by ACL. The network address of the route information is referenced by a standard ACL. Standard ACLs essentially configure conditions for the source IP address of an IP packet. However, when used in distribution-list, standard ACLs configure conditions for network addresses.

Extended ACLs are used to specify route information to be filtered by referencing not only network addresses but also subnet masks. The source IP address condition of the extended ACL is interpreted as a network address. And the destination IP address condition is interpreted as a subnet mask.

The standard/extended ACL permit/deny is the action of allowing or denying route information. Specifically, when applied in, permit means receive route information; when applied out, permit means advertise route information. Also, when applied in, deny discards route information; when applied out, deny does not advertise route information.

prefix-list

The prefix list identifies the BGP route information to be filtered and determines the action to be taken. The prefix list can be configured according to the bit pattern of the network address and the range of the subnet mask.

And, permit/deny in the prefix-list is the action of allowing or denying route information.

filter-list

The filter list identifies the BGP route information to be filtered by AS_PATH ACL. The AS_PATH ACL refers to the AS_PATH attribute specific to the BGP route; the string of AS numbers contained in AS_PATH is configured as a regular expression condition.

AS_PATH ACL permit/deny is the action of allowing or denying route information.

Related articles

See also the following article about configuring and verifying commands for BGP route filtering by filter-list (AS_PATH ACL).

Here is an example of concrete configuration of BGP route filter by filter-list (AS_PATH ACL).

route-map

The route map will eventually refer to the above distribute-list/prefix-list/filter-list. Associating distribute-list/prefix-list/filter-list with a route map match condition identifies the BGP routes to be filtered.

If a route map is used, routes can also be specified using AND and OR conditions that combine distribute-list/prefix-list/filter-list.

It is of course OK to configure conditions other than distribute-list/prefix-list/filter-list in match condition.

The route-map permit/deny is the action of allowing or denying route information. Note that the combination of permit/deny of the route map and permit/deny of the distribution list/prefix list/filter list referenced in the route map can be a bit complicated. Finally, please clarify that the route-map permit/deny allows or denies route information.Then, additional path attributes can be set for the BGP routes that have been permitted.

Related articles

See also the following article about configuring and verifying commands for BGP route filtering by route-map.

Here is an example of concrete configuration of BGP route filter by route-map.

Summary of route information specification

The following table summarizes the information referenced and how to specify the route for each filter method.

Filter methodReferenced informationSpecify the route
distribute-listNetwork addressStandard ACL
Network address + subnet maskExtended ACL
prefix-list Network address + subnet mask prefix-list
filter-listAS_PATH attributeAS_PATH ACL
route-mapAll aboveAll above
Table BGP Route Filter Characteristics

The following figure also summarizes which parts of the BGP route information are referenced by each route filter.

Figure BGP Route Filter
Figure BGP Route Filter

Route maps are the most flexible, allowing for filtering of BGP routes based on a variety of information. The route map is, to put it plainly, versatile, like a joker. But to use the route map properly, it is a prerequisite to understand the distribute-list/prefix-list/filter-list.

Summary

Points

  • You can filter BGP routes sent to and received from specified neighbors.
  • The point of filtering BGP routes is “how to identify route information”.