Configuring BGP with Route Filtering

Well I sat in on Route, I failed by a single digits… yes 3%, I know all the information back and forward but one problem ceased me to fail…..I screwed up with policy base routing and I think I messed up a few simulations.  I cant really go into detail given the NDA, but if you do not use this stuff every day I would suggest to everyone that they will want to know the information forwards and backwards and be able to work with any IGP or BGP issue.

Getting back to the point, here is our topology.

This is not a real Fancy Topology just something to get the job done.  All remote routers connected to R1 have a static route 0.0.0 out of their outgoing interfaces, pretty simple.

Gateway of last resort is to network
C is directly connected, FastEthernet0/0S* is directly connected, FastEthernet0/0R2#

What I am trying to accomplish here is to have All telnet Traffic to be forwarded from Router R1 to to Router R3’s F0/0 interface, well actually the IP for that itnerface  In any other case we would normally have other issues but really its easy.  So we have to set up what is called a Route-map, also how would it work properly here?

In other blog posts I have brought up using policy base routing to make routing decisions based off of access lists.  So we will have to make the following steps….

On Router R1

-Make a Extended access list to capture from any source to any destination allow Telnet

-Make a route-map to fish all telnet traffic

-set the IP next Hop command for the Route-map to send out to

-Apply the policy to the Interface….This is where I had difficulty.

So how do we do this you ask!?!?!?!?????

On router R2

R1(config)#access-list 101 permit tcp any any eq telnet – > creates a Access list

R1(config)#route-map test 10 – > creates a route-map and the route-map sequence number

R1(config-route-map)#match ip address 101 – Catches Access-list 101

R1(config-route-map)#set ip next-hop – > If the match ip address 101 is satisfied it sets the next hop to

Next thing to do is try to telnet from R2 to a address that is unreachable, this way we can check the route-map after to see if it is taking any hits

Over to R2

R2#telnet …

% Connection timed out; remote host not responding

Oh noes!!!!!  But thats what we expected anways, lets check the Route-map to see if it is receiving any hits.
R1(config)#do sh route-maproute-map test

, permit, sequence 10

Match clauses:    ip address (access-lists): 101  Set clauses:

ip next-hop

Policy routing matches: 11 packets, 666 bytes

Clearly with the Matches we are in business and we are passing traffic!!!

Post a comment or leave a trackback: Trackback URL.


  • DansWife  On December 15, 2010 at 6:32 am

    dan rocks my socks with all this network talk =)

  • Steve  On December 15, 2010 at 11:56 am

    Nice write up Dan. The title is a little misleading though since the PBR has nothing to do with BGP. 🙂

    BTW, you rock my socks too.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: