Header
Home | Set as homepage | Add to favorites
  Search the Site     » Advanced Search
Sections
Syndication


Blogroll:

||||| ALL Cisco-Network ARTICLES |||||  
CCIE Journey,
The CCIE Journey,

Home : CCNP CCIE Complete : Route Filtering

Route Filtering

Nov 30,2008 by alperen

small font medium font large font
image

Route Filtering
Route filtering for BGP can be used for many different reasons. It can be used to manipulate the
attributes of a BGP, which in turn affects the way that the BGP speaker will view the route.
Route filtering can also be used to permit or deny certain routes from being accepted by the BGP
speaker or from being advertised by the speaker. BGP route filtering can occur as either ingress
filtering or egress filtering:
Ingress filtering Ingress filtering occurs when a route is received by the BGP speaker and
passed to the inbound policy engine. At this point, the system administrator can create a policy,
which will either permit or deny certain routes. The system administrator can also set up certain
256 Chapter 8  Border Gateway Protocol
policies, which will manipulate the BGP attributes of a route. For example, the system administrator
can manipulate the local preference of a route. By doing this, the system administrator
can better control which routes are stored in the BGP speaker Loc-RIB.
Egress filtering Egress filtering occurs when a route is passed into the outbound policy engine.
Egress filtering functions the same as ingress filtering. The only difference is that the BGP
speaker is making the decisions on the routes being advertised to its peers and manipulating
those routes’ BGP attributes.
There are different ways to implement BGP route filtering. The three filtering techniques that
are most commonly used are route maps, distribute lists, and prefix lists. We will take a brief
look at each of these different filtering techniques here. These filtering techniques are covered
in more detail in Chapter 9.
Route maps Out of all the filtering techniques available, route maps give the user the most
control over routing decisions. Route maps are a sequence of set and match statements. A
match statement is used to decide which IP routes to permit or deny. If the particular sequence
of the route map is permitting the IP routes, the set statement can be used to manipulate the
attributes of the path. Route maps can be implemented as either ingress or egress filters.
Distribute lists Distribute lists are filters that can be implemented as either an ingress or
egress filter. Unlike route maps where you can actually manipulate the attributes of a route,
distribute lists allow you only to permit or deny a route. A distribute list is tied to either an
access list or a prefix list. The access list or prefix list actually states which particular routes
to permit or deny.
Prefix lists Prefix lists are similar to access lists. A prefix list can be used to limit the information
advertised into a router or advertised by the router. Prefix lists give you a little more control
than access lists. The major benefit of a prefix list over an access list is that a prefix list contains
a sequence number for each line of the prefix list. This allows you to add, remove, and modify
lines in a prefix list without having to delete it and re-create it as you would an access list.
The use of ingress and egress filters gives the system administrator tremendous control over
the BGP routing decisions a BGP speaker will make. The various filtering techniques introduced
here are not limited to BGP. These filtering techniques can be used for all the other routing protocols
we’ve covered so far. We will take a more detailed look at these filtering techniques in
regard to the other routing protocols covered in Chapter 10, “Route Optimization.”
357 times read

Related news
» IGP distribute list
by alperen posted on Dec 01,2008
» Distribute list
by alperen posted on Dec 01,2008
» Prefix Lists
by alperen posted on Dec 01,2008
» Restricting Networks Advertised to a BGP Peer
by admin posted on Jul 21,2008
» Filtering with Redistribution
by alperen posted on Dec 01,2008
Did you enjoy this article?
1 2 3 4 5
(total 0 votes)

comment Comments (0 posted) 

More Top News
CCSP-Cisco Certified Security Professional
arrow Cisco SAFE Implementation
arrow Preparation Documents
arrow Exam Topics
arrow Skills Required for the Exam
arrow Cisco SAFE Implementation Questions and Answers
arrow Access Control Lists Cisco
arrow Access List Basics
arrow Standard Access Lists
arrow Verifying ACLs
arrow Extended Access Lists
arrow TCP Access Lists
arrow UDP Access Lists
arrow ICMP Access Lists
arrow Named Access Lists
arrow Signature and Alarm Management Review
arrow Signature and Alarm Management Review Questions and Answers
arrow Event Viewer
arrow Managing Alarms
arrow Event Viewer Customization
arrow Preference Settings
arrow Sensor Installation
arrow Connecting to Your Network Sensor Appliance
arrow Sensor Bootstrap
arrow Sensor Installation and Configuration Review
arrow Sensor Installation and Configuration Questions and Answers
arrow Signature and Alarm Management
arrow CIDS Signatures
arrow Signature Series
arrow Signature Implementations
arrow Signature Classes
arrow Signature Types
arrow Signature Severity
Most Popular
Most Commented
Featured Author

admin

image
<| Cisco Articles | Maximum Learning | All Cisco-Network Study Notes | Privacy Policy |>
If you think you own the material being used without permission, contact alperenmad[at]hotmail.com. material will be removed from the site.