前文我们聊了下通过修改BGP路由属性来影响路由,从而达到控制BGP路由的目的;回顾请参考https://www.cnblogs.com/qiuhom-1874/p/15495585.html;今天我们来聊一聊BGP路由过滤和AS-Path-filter过滤器的使用;
BGP路由过滤
BGP路由过滤是指对特定的路由通过策略或者过滤器在出方向或入方向做允许或拒绝,从而来达到控制路由的收发;
示例:通过ip 前缀列表匹配要拒绝的路由,然后使用过滤工具过滤掉满足条件的路由
[R5-bgp]dis bg r BGP Local router ID is 5.5.5.5 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Total Number of Routes: 3 Network NextHop MED LocPrf PrefVal Path/Ogn *> 1.1.1.1/32 45.0.0.4 0 234 11i *> 7.7.7.7/32 45.0.0.4 0 234 11i *> 8.8.8.8/32 45.0.0.4 0 234 11i [R5-bgp]dis ip ip-prefix Prefix-list 1.1.1.1 Permitted 2 Denied 4 index: 10 deny 1.1.1.1/32 index: 20 permit 0.0.0.0/0 le 32 [R5-bgp]filter-policy ip-prefix 1.1.1.1 import [R5-bgp]d th [V200R003C00] # bgp 55 router-id 5.5.5.5 peer 45.0.0.4 as-number 234 # ipv4-family unicast undo synchronization filter-policy ip-prefix 1.1.1.1 import peer 45.0.0.4 enable # return [R5-bgp]dis bg r BGP Local router ID is 5.5.5.5 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Total Number of Routes: 2 Network NextHop MED LocPrf PrefVal Path/Ogn *> 7.7.7.7/32 45.0.0.4 0 234 11i *> 8.8.8.8/32 45.0.0.4 0 234 11i [R5-bgp]
11-12 11:14