HP ProCurve Secure Router 7203 dl Advanced Management And Configuration Manual page 693

N o t e
N o t e
For example, a BGP router might connect to another AS that includes a /16
network many contiguous subnets of variable lengths. The neighbor would
know many routes, perhaps a route to each individual subnet; however, the
local BGP router can get by with only the next-hop address that leads to the
entire range. You could configure a filter to screen out all routes to the /16
network with lengths greater than 16.
Make sure that the administrator of the external AS agrees on the length for
subnets. In the example discussed above, the ISP must be aware that the local
router will not accept routes to, for example, /20 subnets and configure the
ISP router to advertise the /16 route.
The ProCurve Secure Router uses prefix lists as filters. You can configure a
separate internal and external filter, and separate filters for each neighbor.
You should apply an inbound filter to stop the BGP interface from receiving
external routes, and an outbound filter to stop it from advertising routes.
You configure entries for prefix lists from the global configuration mode
context:
Syntax: ip prefix-list <listname> seq <sequence number> [deny | permit] <A.B.C.D>/
<prefix length> [ge <prefix length>] [le <prefix length>]
Do not include a space between the IP address and the / that precede the prefix
length.
For example, you can create a prefix list entry to drop all routes with a prefix
length greater than or equal to 24:
ProCurve(config)# ip prefix-list FilterIn seq 10 deny 0.0.0.0/0 ge 24
To break this command down into its steps, you:
name the list
assign the entry an order
specify whether the filter permits or denies routes that match the entry
specify the network address, including prefix length
optionally, specify the range of prefix lengths that the router will permit
(or deny) for routes to subnets within this network
IP Routing—Configuring RIP, OSPF, BGP, and PBR
Configuring BGP
13-79