Extreme Networks

Elie_Raad · ‎06-22-2017

Hi,
i am trying to deny exact prefixes 66.133.0.0/23 and 66.133.2.0/23 from being advertised and allow everyhting else to an iBGP neighbor (214.63.21.4) the configuration should be done on 214.63.21.3. using a neighbor route-policy command.

Neighbor 214.63.21.3 is connected to neighbor 214.63.21.4.

can someone help .
thank you,
elie

Jarek · ‎06-22-2017

Elie,

what EXOS you have on those switches ?

Maybe you are facing: https://gtacknowledge.extremenetworks.com/articles/Solution/Switch-reboots-with-EPM-application-wdg-...

--
Jarek

Elie_Raad · ‎06-22-2017

hi Nick,
can you please explain to me what this route-policy do when applied to a bgp neighbor out
entry TOEXP{
if match all {
nlri 66.133.0.0/23 exact;
nlri 66.133.2.0/23 exact;
}then{
deny;
}
}
entry TOEXP1{
if match any{
nlri 0.0.0.0/0;
}then{
}
}
. once i applied this config on the primary bgp router out toward the standby router the Switch reboots with EPM application wdg timer warning messages and the rtmgr process memory went high

Nick_Yakimenko · ‎06-22-2017

in fact, without exact keyword you may filter out only 66.133.0.0/22
that will filter all specific announces of your inetnum 66.133.0.0-66.133.3.254 from a /22 to a /32

Nick_Yakimenko · ‎06-22-2017

First you create policy

edit policy bgp-out

An editor based on vi will be opened (press i to edit, ESC to stop editing, then type :wq to exit

Enter following

entry bgp-out-00 {if match any {
nlri 66.133.0.0/23;
nlri 66.133.2.0/23; }
then {
deny ;
}
}

Then you apply the policy to a neighbor:

configure bgp neighbor 214.63.21.4 route-policy out bgp-out

if you ever after edit the policy, you may refresh changes issuing the command

refresh policy bgp-out

Elie_Raad · ‎06-22-2017

Thank You Nick

Extreme Networks

deny specific prefixes in bgp

deny specific prefixes in bgp