Figure 22: Filtering Routes With An Access List - Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - BGP AND MPLS CONFIGURATION GUIDE 2010-10-12 Configuration Manual

Figure 22: Filtering Routes with an Access List

access-list
clear access-list
Copyright © 2010, Juniper Networks, Inc.
host3(config-router)#neighbor 10.5.5.4 distribute-list reject1 in
host3(config-router)#exit
host3(config)#access-list reject1 permit 172.24.48.0 0.0.255
host3(config)#access-list reject1 deny 172.24.160.0 0.0.255
host3(config)#access-list reject1 permit 172.24.24.0 0.0.255
Consider the network shown in Figure 22 on page 83. Router NY originates network
10.16.22.0/23 and advertises it to router LA. Suppose you do not want router LA to
advertise that network to router Boston. You can apply an access list to updates from
router LA to router Boston that prevents router LA from propagating updates for network
10.16.22.0/23.
The following commands configure router LA:
host2(config)#router bgp 400
host2(config-router)#network 172.24.160.0 mask 255.255.224.0
host2(config-router)#neighbor 10.72.4.2 remote-as 300
host2(config-router)#neighbor 10.5.5.1 remote-as 100
host2(config-router)#neighbor 10.5.5.1 distribute-list 1 out
host2(config-router)#exit
host2(config)#access-list 1 deny 10.16.22.0 0.254.255.255
Use to define an IP access list to permit or deny routes based on the prefix.
Each access list is a set of permit or deny conditions for routes based on matching a
route's prefix.
Use the neighbor distribute-list command to apply the access list to routes received
from or forwarded to a neighbor.
Use the log keyword to log an Info event in the ipAccessList log whenever an access-list
rule is matched.
Use the no version to delete an IP access list or the specified entry in the access list.
See access-list.
Use to clear IP access list counters.
Each access list has a counter for its entries.
Chapter 1: Configuring BGP Routing
83