Example 3: Configuring a Standard BGP Policy on a Router That
Receives Routes to Remote Private Sites
If the local router provides the only connection to the Internet, you may want
to use a default route for external traffic and BGP routes for traffic to remote
private sites. You can prevent your router's routing table from becoming filled
with external routes by only allowing it to accept private routes from the ISP
neighbor. You can apply an outbound filter to the neighbor to make doubly
sure that the local router only advertises the local routes.
First, complete the baseline BGP configuration described in "Example 1:
Baseline BGP Configuration" on page 13-107.
Then complete these steps to apply a policy to the neighbor:
1.
Configure a prefix list that only permits the private routes. In this example,
the private sites each use a /24 network in the 10.1.0.0 /16 range:
ProCurve(config)# ip prefix-list PrivateRoutes seq 10 permit 10.1.0.0/16 ge 24 le 24
The prefix list must permit the exact routes, including prefix length,
advertised by peers. If you are unsure how to correctly specify a range of
routes, you can always enter a series of statements for the exact routes
that peers will advertise to the router. For example, enter:
ProCurve(config)# ip prefix-list PrivateRoutes seq 10 permit 10.1.2.0/24
ProCurve(config)# ip prefix-list PrivateRoutes seq 20 permit 10.1.3.0/24
ProCurve(config)# ip prefix-list PrivateRoutes seq 30 permit 10.1.4.0/24
2.
You can also configure a prefix list to ensure that the router advertises
only local routes.
ProCurve(config)# ip prefix-list LocalRoutes seq 10 permit 10.1.1.0/24
3.
Apply the private routes prefix list to the neighbor as inbound policy.
ProCurve(config)# router bgp 3
ProCurve(config-bgp)# neighbor 10.10.0.1
ProCurve(config-bgp-neighbor)# prefix-list PrivateRoutes in
4.
Apply the local routes prefix list to the neighbor as outbound policy to
ensure that the local router only advertises the correct routes.
ProCurve(config-bgp-neighbor)# prefix-list LocalRoutes out
The running-config for Router A shown in Figure 13-23 is shown in Figure 13-25.
IP Routing—Configuring RIP, OSPF, BGP, and PBR
Configuring BGP
13-111