Page 1 of 1

BGP Filter help

Posted: Sun Jul 15, 2012 1:29 pm
by armandfumal
Hi all,

I'm not good with filter, here is my case.

My network 213.177.64.0/19

between RB1100AH2 and Cisco 7206VXR I woudl like to redistribute connected route. It is working but I can't make a good filter from Mikrotik to control what it is send to the 7206.

today I have these working lines to announce only these 3 prefixes. It working ok but when I have a new route I have to add it to filter also.

add action=accept chain=BGP-filterOut prefix=213.177.72.96/29
add action=accept chain=BGP-filterOut prefix=213.177.65.0/24
add action=accept chain=BGP-filterOut prefix=213.177.66.224/27
add action=discard chain=BGP-filterOut


Is it a way to have filter rule that accept directly new connected route in my net 213.177.64.0/19 without adapting BGP filter ? I have try rule with 213.177.64.0/19 but no way.

thanks for your help.

Re: BGP Filter help

Posted: Sun Jul 15, 2012 3:51 pm
by cupis
My network 213.177.64.0/19

between RB1100AH2 and Cisco 7206VXR I woudl like to redistribute connected route. It is working but I can't make a good filter from Mikrotik to control what it is send to the 7206.

today I have these working lines to announce only these 3 prefixes. It working ok but when I have a new route I have to add it to filter also.

add action=accept chain=BGP-filterOut prefix=213.177.72.96/29
add action=accept chain=BGP-filterOut prefix=213.177.65.0/24
add action=accept chain=BGP-filterOut prefix=213.177.66.224/27
add action=discard chain=BGP-filterOut


Is it a way to have filter rule that accept directly new connected route in my net 213.177.64.0/19 without adapting BGP filter ? I have try rule with 213.177.64.0/19 but no way.
Try something like:
add action=accept chain=BGP-filterOut prefix=213.177.64.0/19 prefix-length=19-32
That should then just automatically allow any shorter prefixes within your /19.

Regards,

Re: BGP Filter help

Posted: Sun Jul 15, 2012 9:27 pm
by armandfumal
Thanks.

With this rules, it announce the three Prefixes but also the whole 213.177.64.0/19 that I don't want...

I want only the 3 prefixes...

thanks

Re: BGP Filter help

Posted: Sun Jul 15, 2012 10:06 pm
by cupis
With this rules, it announce the three Prefixes but also the whole 213.177.64.0/19 that I don't want...

I want only the 3 prefixes...
But you also want it to automatically pick up any new routes without you having to update the filter?

You could set prefix-length to 20-32 maybe? Otherwise can you be more specific with what you want to achieve, please?

Regards,

Re: BGP Filter help

Posted: Mon Jul 16, 2012 12:43 am
by armandfumal
I just want to redistribute the connected prefixe under my /19 without adap the filter. Today it is working just with my filter but with rules with /19 all prefixe are announced but also a prefixe with my whole /19 that i don t want. Need only the 3 connected prefixe....

Thanks

Re: BGP Filter help

Posted: Mon Jul 16, 2012 1:52 am
by armandfumal
Ok with prefix-length set to 20-32, it is working how I would like.

add action=accept chain=BGP-filterOut prefix=213.177.64.0/19 prefix-length=20-32
add action=discard chain=BGP-filterOut

result:
sh ip bgp neighbors 213.177.66.194 received-routes
BGP table version is 21750285, local router ID is 213.177.64.210
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
* i213.177.65.0 213.177.66.194 100 0 ?
* i213.177.66.224/27
213.177.66.194 100 0 ?
* i213.177.72.96/29 213.177.66.194 100 0 ?

Total number of prefixes 3



now I would like to understand the usage of prefix-length, could you explain ?

thanks

Re: BGP Filter help

Posted: Mon Jul 16, 2012 9:16 am
by docmarius
The fiilter will pass any network prefix with "perfix-length" mask originating in "prefix" network.
In your case, any 213.177.64.0/20, 213.177.64.0/21, ..., 213.177.64.0/32 which originate in 213.177.64.0/19, but not 213.177.64.0/19 (since the mask is not 20 to 32).

Re: BGP Filter help

Posted: Sun Jul 22, 2012 12:44 am
by MikroTikIQ
Hi..

could please try this..


/routing filter
add action=accept chain=BGP-filterOut disabled=no invert-match=no prefix=\
213.177.72.96/29 prefix-length=29 set-bgp-prepend-path=""
add action=accept chain=BGP-filterOut disabled=no invert-match=no prefix=\
213.177.65.0/24 prefix-length=24 set-bgp-prepend-path=""
add action=accept chain=BGP-filterOut disabled=no invert-match=no prefix=\
213.177.66.224/27 prefix-length=27 set-bgp-prepend-path=""
add action=discard chain=BGP-filterOut disabled=no invert-match=no \
set-bgp-prepend-path=""



Also..

I would to ask you..
1- did you add any entry in the network filed.?
2- what did you set in the instances ? as redistributed rule?

I advice to remove network from network entry if you add

and enable redistributed static route ...

Also you need to add static route in your routing table ... with specified perfix like:

1- ip route add dst-address=213.177.72.96/29 gateway=xxx
2- ip route add dst-address=213.177.65.0/24 gateway=xxx
3- ip route add dst-address=213.177.66.224/27 gateway=xxx

This way should be work..

Also dont miss to select in your peer the correct our put filter...!!!

Please let me know if all is okay .

Ali Sami
Mikrotik Authorized trainer