[afnog] Private IP Filters in bgp

Yasini Kilima ykilima at tra.go.tz
Fri May 25 13:41:26 UTC 2012


Thanks Noah I will do it and will feedback

-----Original Message-----
From: Maina Noah [mailto:noah at neo.co.tz]
Sent: Friday, May 25, 2012 3:05 PM
To: Yasini Kilima
Cc: afnog at afnog.org
Subject: Re: Private IP Filters in bgp

> Message: 3
> Date: Fri, 25 May 2012 11:14:22 +0000
> From: Yasini Kilima <ykilima at tra.go.tz>
> To: "afnog at afnog.org" <afnog at afnog.org>
> Subject: [afnog] Private IP Filters in bgp

> Hello Gurus,

Hello Yasin,

> I am trying to create an IP prefix filter to filter bogons Private
> blocks received from one of my peer provider's announcements.

Great.

> I don't want to receive his PRIVATE prefixes what should I do?

Create the access-list like example below that will match the above distribute list defined in ur bgp config.

access-list 100 remark RFC1918-Bogon-prefixes
access-list 100 deny   ip host 0.0.0.0 any
access-list 100 deny   ip 10.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
access-list 100 deny   ip 127.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
access-list 100 deny   ip 169.254.0.0 0.0.255.255 255.255.0.0 0.0.255.255
access-list 100 deny   ip 17.16.0.0 0.15.255.255 255.240.0.0 0.15.255.255
access-list 100 deny   ip 192.168.0.0 0.0.255.255 255.255.255.0 0.0.0.255
access-list 100 deny   ip 223.255.255.0 0.0.0.255 255.255.255.0 0.0.0.255
access-list 100 deny   ip 224.0.0.0 31.255.255.255 224.0.0.0 31.255.255.255
access-list 100 deny   ip 172.16.0.0 0.15.255.255 255.240.0.0 0.15.255.255
access-list 100 permit ip any any

Then, under your bgp config mode, define a distribute list like;

router bgp xyz
 neighbor a.b.c.d distribute-list 100 in

> Please help me!

I hope the above will help.

> Yasini.
>

./noah maina




________________________________



DISCLAIMER: This e-mail and any attachments are proprietary to TANZANIA REVENUE AUTHORITY.Any unauthorized use or interception is illegal. The views and opinions expressed are those of the sender, unless clearly stated as being those of TANZANIA REVENUE AUTHORITY. This e-mail is only addressed to the addressee and TANZANIA REVENUE AUTHORITY shall not be responsible for any further publication of the contents of this e-mail. If this e-mail is not addressed to you, you may not copy, print, distribute or disclose the contents to anyone nor act on its contents. If you received this in error, please inform the sender and delete this e-mail from your computer.





More information about the afnog mailing list