chrisb.dev

BGP prefix suppression

BGP Prefix Suppression can relate to suppresion of routers learnt from a BGP neighbor, or routes adertised to a neighbor. For the latter, there is Selective Prefix Suppression, which explicitly lists the networks which should not be advertised along with a summary route to a neighbor.

On IOS, you would use a suppress-map keyword with the aggregate-address summarisation. The keyword references a route-map under which specified prefixes will be suppressed when aggregated, as seen here on this blog post and Youtube video.

However, to suppress inbound BGP Routes you have a variety of options too. On IOS devices, you can use a prefix-set which a route policy refers to, and can be applied on an inbound direction to the BGP neighbour.

prefix-set drop_these-prefixes
10.1.2.0/24,
10.1.3.0/24
end-set

route-policy how_to_handle
if destination in drop_these-prefixes
drop
endif
end-policy

router bgp 1
neighbor 201.13.1.3
address-family ipv4 unicast
route-policy how_to_handle in

Alternatively, you can use as-path-set to filter based on the AS path. as-path-set uses regex so can identify if the AS is the originating AS, or an AS within the path. For example, ‘_22$’ identifies a prefix which originated in AS 22, and ‘_22_” identifies a prefix which transited AS 22, and ‘^$’ a route in the local AS.

as-path-set AS_set_to_keep
ios-regex ‘22$’, ios-regex ‘_22
end-set

route-policy apply_AS_set
if as-path in AS_set_to_keep then
pass
else
drop
endif
end-policy

router bgp 1
neighbor 201.13.1.3
address-family ipv4 unicast
route-policy apply_AS_set in

Finally, we can suppress prefixes based up their attributes. This is based on the common attributes of BGP defined under the RFC, and outlined here on the IANA website. This doesn’t work for the mandatory attributes: 1, 2, 3, 4, 8, 14, 15, and 16, and 5 (localpref), type 9 (Originator,) and type 10 (Cluster-id) can only be used with an eBGP neighbour.

To apply this filtering, under the BGP Process you can apply to the neighbour with two types of treatment: treat-as-withdraw (which suppresses the route) or discard (which removes the attribute).

router bgp 1
neighbor 201.13.1.3 path-attribute treat-as-withdraw 6 in
neighbor 88.101.22.4 path-attribute discard 5 in

Some useful links:

Cisco Guide to Configuring Routing on XR Routers

IP Routing: BGP Guide for Cisco IOS 17

Chris B

, ,

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: