Hi dear fiend i have many prefixes that announce to internet
When run new peer i write filter to one by one prefixes
can i used prefix list like address list firewall and accept prefix list to peers???
Hi dear fiend i have many prefixes that announce to internet
When run new peer i write filter to one by one prefixes
can i used prefix list like address list firewall and accept prefix list to peers???
You can create a routing filter chain that will contain all the prefixes you want to allow.
And then from each peer’s filter you jump to that chain.
Pretty much the same principle as with firewall chains and jumps.
So I define Prefix filter on first prees and another Peers jump ro first rules define ???
Suppose the chain is called FilterPrefixes and you want to allow 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16, and deny all other prefixes
The behavior of FilterPrefixes should be: If the prefix is acceptable, then FilterPrefixes will return to the calling chain. If the prefix is unacceptable, then the FilterPrefixes chain will discard the prefix.
So it would look like this:
1: prefix=10.0.0.0/8 prefix-length=8-24 action=return
2: prefix=172.16.0.0/12 prefix-length=12-24 action=return
3: prefix=192.168.0.0/16 prefix-length=16-24 action=return
4: action=discard
Then you have some peer PeerX with chain PeerX-Out
Rule 1 in PeerX-Out is:
jump to FilterPrefixes (unconditionally)
rules 2 and beyond will all be whatever stuff you need for that specific peer (prepend, set communities, etc.)
So what ends up happening is that all undesired prefixes get discarded by FilterPrefixes, and all acceptable prefixes get returned to the main chain for further processing.
i Test action for first rule must be acceprt for allow Prefix and disacrd any
Than For another peering jump ro olders chain be defined