ORF outbound route filtering

2025-04-01 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

The purpose of this lab is to verify ORF (outbound route filtering), in which a BGP speaker pushes its inbound prefix-list to its neighbour so that the neighbour filters on its outbound side.

R1 addressing:
  Loopback0  1.1.1.1
  Loopback1  192.168.1.1/24
  Loopback2  192.168.2.1/24
  Loopback3  192.168.3.1/24
  Loopback4  192.168.4.1/24
  E1/0       10.1.12.1

R2 addressing:
  Loopback0  2.2.2.2
  E1/0       10.1.12.2

Configure the IGP (RIP) to provide connectivity between the routers:

R1 configuration:
  router rip
   version 2
   network 1.0.0.0
   network 10.0.0.0
   network 192.168.1.0
   network 192.168.2.0
   network 192.168.3.0
   network 192.168.4.0
   no auto-summary

R2 configuration:
  router rip
   version 2
   network 2.0.0.0
   network 10.0.0.0
   no auto-summary

Start configuring BGP:

R1 configuration:
  router bgp 1
   bgp router-id 1.1.1.1
   bgp log-neighbor-changes
   network 1.1.1.0 mask 255.255.255.255
   network 10.1.12.0 mask 255.255.255.0
   network 192.168.1.0
   network 192.168.2.0
   network 192.168.3.0
   network 192.168.4.0
   neighbor 2.2.2.2 remote-as 2
   neighbor 2.2.2.2 ebgp-multihop 2
   neighbor 2.2.2.2 update-source Loopback0

R2 configuration:
  router bgp 2
   bgp router-id 2.2.2.2
   bgp log-neighbor-changes
   network 2.2.2.2 mask 255.255.255.255 backdoor
   network 10.1.12.0 mask 255.255.255.0
   neighbor 1.1.1.1 remote-as 1
   neighbor 1.1.1.1 ebgp-multihop 2
   neighbor 1.1.1.1 update-source Loopback0

When the BGP configuration is complete, the four routes advertised by R1 are visible on R2: 192.168.1.0/24, 192.168.2.0/24, 192.168.3.0/24 and 192.168.4.0/24.

R2#sh ip bgp
BGP table version is 6, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 r>  10.1.12.0/24     1.1.1.1                  0             0 1 i
 *>  192.168.1.0      1.1.1.1                  0             0 1 i
 *>  192.168.2.0      1.1.1.1                  0             0 1 i
 *>  192.168.3.0      1.1.1.1                  0             0 1 i
 *>  192.168.4.0      1.1.1.1                  0             0 1 i

Now configure ORF so that R2 filters out 192.168.1.0/24 and 192.168.3.0/24 and receives only 192.168.2.0/24 and 192.168.4.0/24.

First configure the prefix-list (on R2):
  ip prefix-list 1 seq 5 permit 192.168.2.0/24
  ip prefix-list 1 seq 10 permit 192.168.4.0/24

Then add the following configuration to R1 and R2.

R1:
  router bgp 1
   neighbor 2.2.2.2 capability orf prefix-list receive

*Jul 12 14:44:55.843: %BGP-5-ADJCHANGE: neighbor 2.2.2.2 Down Capability changed
*Jul 12 14:44:55.843: %BGP_SESSION-5-ADJCHANGE: neighbor 2.2.2.2 IPv4 Unicast topology base removed from session  Capability changed
*Jul 12 14:44:56.271: %BGP-5-ADJCHANGE: neighbor 2.2.2.2 Up

As soon as the command is entered the session is torn down and re-established, and the log reports "Capability changed": the ORF capability is negotiated when the session comes back up.

R2:
  router bgp 2
   neighbor 1.1.1.1 capability orf prefix-list both
   neighbor 1.1.1.1 prefix-list 1 in

*Jul 12 14:35:27.863: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Down Capability changed
*Jul 12 14:35:27.863: %BGP_SESSION-5-ADJCHANGE: neighbor 1.1.1.1 IPv4 Unicast topology base removed from session  Capability changed
*Jul 12 14:35:28.823: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up

Again the session resets and the log reports "Capability changed".

Configuration on R2:

neighbor 1.1.1.1 capability orf prefix-list both enables the ORF capability on the session between R2 and R1: R2 announces that it can both send its prefix-list to R1 and receive one from R1, so the two routers can exchange prefix-lists.

neighbor 1.1.1.1 prefix-list 1 in makes R2 accept only the two prefixes 192.168.2.0/24 and 192.168.4.0/24 from R1 and reject every other route.

clear ip bgp 1.1.1.1 in prefix-filter forces R2 to push this inbound prefix-list to R1 (as a route refresh carrying the ORF entries).

Configuration on R1:

neighbor 2.2.2.2 capability orf prefix-list receive allows R1 to accept the ORF filter pushed by R2 and apply it to the updates it sends to R2.

At this point the configuration is complete, and the result can be checked on R1:

R1#sh ip bgp neighbors 2.2.2.2 advertised-routes
BGP table version is 6, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>  192.168.2.0      0.0.0.0                              32768 i
 *>  192.168.4.0      0.0.0.0                              32768 i

Total number of prefixes 2

On R1 you can see that only 192.168.2.0/24 and 192.168.4.0/24 are advertised to R2 and the other routes are withheld, which proves that R2's configuration is correct and that R1 has received and applied the ORF filter pushed by R2.

R2#sh ip bgp
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>  10.1.12.0/24     0.0.0.0                              32768 i
 *>  192.168.2.0      1.1.1.1                  0             0 1 i
 *>  192.168.4.0      1.1.1.1                  0             0 1 i

Similarly, on R2 only the two permitted prefixes are now received from R1. Note that 10.1.12.0/24 is no longer learned from R1 either: it was not permitted by the prefix-list, so the implicit deny at the end of the list removed it as well, and only R2's locally originated copy remains.

In short, ORF is a prefix-list based route-filtering feature: the local router pushes its inbound prefix-list to the peer, and the peer applies that list when deciding what to advertise, so routes that would be dropped inbound anyway are never sent across the session.
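As an added illustration (not part of the original lab), the following Python models what the two routers do: R2's inbound prefix-list is evaluated with IOS semantics (sequence order, optional ge/le length bounds, implicit deny at the end) on R1's outbound side, reproducing the before/after tables above. The class and function names are made up for this example; the routes and prefix-list entries are the lab's.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class PrefixEntry:
    """One 'ip prefix-list NAME seq N permit|deny A.B.C.D/n [ge X] [le Y]' line."""
    seq: int
    action: str                 # "permit" or "deny"
    prefix: str                 # e.g. "192.168.2.0/24"
    ge: Optional[int] = None    # optional IOS-style length bounds
    le: Optional[int] = None

    def matches(self, route: str) -> bool:
        net = ipaddress.ip_network(self.prefix, strict=False)
        cand = ipaddress.ip_network(route, strict=False)
        if not cand.subnet_of(net):
            return False
        # No ge/le: length must equal the entry's. ge alone means ge..32.
        lo = self.ge if self.ge is not None else net.prefixlen
        hi = self.le if self.le is not None else (
            net.max_prefixlen if self.ge is not None else net.prefixlen)
        return lo <= cand.prefixlen <= hi


def evaluate(prefix_list: list, route: str) -> bool:
    """Walk entries in seq order; first match wins, implicit deny at the end."""
    for entry in sorted(prefix_list, key=lambda e: e.seq):
        if entry.matches(route):
            return entry.action == "permit"
    return False


def orf_advertise(local_routes: list, peer_orf: list) -> list:
    """Advertiser (R1): the ORF entries pushed by the peer act as an outbound
    filter, so denied prefixes are never put on the wire."""
    return [r for r in local_routes if evaluate(peer_orf, r)]


def inbound_filter(received: list, local_list: list) -> list:
    """Receiver (R2): 'neighbor ... prefix-list 1 in' still runs locally, so the
    result does not depend on the peer honouring the pushed ORF."""
    return [r for r in received if evaluate(local_list, r)]


# Constructed from the lab: what R1 originates, and R2's 'ip prefix-list 1'.
R1_ROUTES = ["10.1.12.0/24", "192.168.1.0/24", "192.168.2.0/24",
             "192.168.3.0/24", "192.168.4.0/24"]
R2_PREFIX_LIST_1 = [PrefixEntry(5, "permit", "192.168.2.0/24"),
                    PrefixEntry(10, "permit", "192.168.4.0/24")]

if __name__ == "__main__":
    sent = orf_advertise(R1_ROUTES, R2_PREFIX_LIST_1)
    print("R1 sends with ORF:", sent)        # only the two permitted /24s
```

Because the receiver keeps its own inbound list, the pushed ORF is an optimisation that saves the sender work, not the only line of defence: the advertiser should still keep its own outbound policy rather than relying on whatever list a peer pushes.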
