8/8/2019 BGP Route Filters Assignment

http://slidepdf.com/reader/full/bgp-route-filters-assignment 1/6

 

2010 

2/20/2010

Submitted By:

Poulomee Bhowal (9030241224)

Rajashree Mishra--- (9030241227)

Sanket Jarunde------ (9030241228)

Suneet Malik--------- (9030241233)

BGP ROUTE FILTERS

8/8/2019 BGP Route Filters Assignment

http://slidepdf.com/reader/full/bgp-route-filters-assignment 2/6

2 | P a g e  

Introduction:

Filtering  is the process by which certain routes are not considered for inclusion in

the local route database, or not advertised to one's neighbors. Route filtering is

 particularly important for BGP on the global Internet, where it is used for a variety

of reasons.

Route filters are a set of routes against which a given route will be matched. The resulting action

of a match will depend on the use of the route filter. Routes filters are used in the import and

export statements, as well as in the Martians and other protocol definitions. This section is a

generic description of the route filters and how routes are matched.

A route will match the most specific filter that applies. Specifying more than one filter with the

same destination, mask and modifiers will generate an error.

BGP filtering refers to the ability of BGP peer to apply administrative policies to incoming and

outgoing routing updates messages. These policies are implemented as rules organized in chains.

The following manual uses terms µchain¶ and µfilter¶ interchangeably. Each rule consists of two

 parts, one of them specifies to which prefixes the rule applies to and the other tells the router 

what to do with these prefixes. A rule with no arguments applies to all prefixes and implies

accept action. The routing filters may be applied to incoming and outgoing routing update

messages for a specific BGP peer and to outgoing BGP update messages for a particular BGP

instance.

8/8/2019 BGP Route Filters Assignment

http://slidepdf.com/reader/full/bgp-route-filters-assignment 3/6

3 | P a g e  

Filter rulesAction: - It performs on route or route attributes for the NLRI prefixes that match the rules.

Accept: - accept the routing information for the matching NLRI prefix.

Discard: - completely exclude matching prefix from the BGP processing. The route will be

deleted from the incoming BGP routing update message, thus reducing memory usage on the

router. For outgoing BGP update messages the discard action is equal to reject.

Jump: - pass control to another filter list that should be specified as jump target parameter.

None: - do not perform any action and pass execution to the next rule in chain. The none actionis not displayed by print command.

Reject: - reject the routing information for matching prefix. The prefix from incoming BGP

routing update message is to be shown with R (rejected) flag in the ip route print command

output. The prefix is suppressed from outgoing routing update message.

Return: - return to the previous chain from which a jump to the current chain took place.

Types of filteringThere are two times when a filter can be naturally applied: when learning routesfrom a neighbor, and when announcing routes to a neighbor.

Input filtering

In input filtering, a filter is applied to routes as they are learned from a neighbor. A

route that has been filtered out is discarded straight away, and hence not considered

for inclusion into the local routing database.

8/8/2019 BGP Route Filters Assignment

http://slidepdf.com/reader/full/bgp-route-filters-assignment 4/6

4 | P a g e  

Output filtering

In output filtering, a filter is applied to routes before they are announced to a

neighbor. A route that has been filtered out is never learned by a neighbor, and

hence not considered for inclusion in the remote route database .  

Filtering syntaxA route filter is a list of one or more of the following entity:

Network [exact | refines]

Network  m ask mask [exact | refines]

Network  m ask len number [exact | refines]

 All 

Default 

Host host

BGP FILTERING

8/8/2019 BGP Route Filters Assignment

http://slidepdf.com/reader/full/bgp-route-filters-assignment 5/6

5 | P a g e  

Reasons to filter ECONOMIC REASONS

When a site is multihomed, announcing non-local routes to a neighbor different from the one it

was learned from amounts to advertising the willingness to serve for transit, which is undesirable

unless suitable agreements are in place. Applying output filtering on these routes avoids this

issue.

SECURITY REASONS

An ISP will typically perform input filtering on routes learned from a customer to restrict them tothe addresses actually assigned to that customer. Doing so makes address hijacking more

difficult.

Similarly, an ISP will perform input filtering on routes learned from other ISPs to protect its

customers from address hijacking.

TECHNICAL REASONS

In some cases, routers have insufficient amounts of main memory to hold the full global BGP

table. A simple work-around is to perform input filtering, thus limiting the local route database to

a subset of the global table. This can be done by filtering on prefix length (eliminating all routes

for prefixes longer than a given value), on AS count, or on some combination of the two.

This practice is not recommended, as it can cause suboptimal routing or even communication

failures with small networks, and frustrate the traffic-engineering efforts of one's peers.

8/8/2019 BGP Route Filters Assignment

http://slidepdf.com/reader/full/bgp-route-filters-assignment 6/6

6 | P a g e  

Reference:

[1]http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800c95bb.shtml 

[2]http://ws.edu.isoc.org/workshops/2005/SANOG-VI/routing/materials/module03.pdf 

[3]http://docstore.mik.ua/gated/node40.html 

[4]http://en.wikipedia.org/wiki/Route_filtering 

[5]http://www.cymru.com/gillsr/documents/junos-route-filter.pdf