Example: ouni bgp ingress route filtering with routepolicy¶
r1
hostname r1
vrf def v1
rd 1:1
exit
int lo0
vrf for v1
ipv4 addr 2.2.2.1 255.255.255.255
ipv6 addr 4321::1 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
exit
int lo1
vrf for v1
ipv4 addr 2.2.2.11 255.255.255.255
ipv6 addr 4321::11 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
exit
int lo2
vrf for v1
ipv4 addr 2.2.2.21 255.255.255.255
ipv6 addr 4321::21 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
exit
int eth1
vrf for v1
ipv4 addr 1.1.1.1 255.255.255.252
ipv6 addr 1234:1::1 ffff:ffff::
exit
route-policy p4
if network 2.2.2.12/32
drop
else
pass
enif
exit
route-policy p6
if network 4321::12/128
drop
else
pass
enif
exit
router bgp4 1
vrf v1
no safe-ebgp
address ouni
local-as 1
router-id 4.4.4.1
neigh 1.1.1.2 remote-as 2
neigh 1.1.1.2 other-route-policy-in p6
afi-other ena
no afi-other vpn
afi-other red conn
exit
router bgp6 1
vrf v1
no safe-ebgp
address ouni
local-as 1
router-id 6.6.6.1
neigh 1234:1::2 remote-as 2
neigh 1234:1::2 other-route-policy-in p4
afi-other ena
no afi-other vpn
afi-other red conn
exit
r2
hostname r2
vrf def v1
rd 1:1
exit
int lo0
vrf for v1
ipv4 addr 2.2.2.2 255.255.255.255
ipv6 addr 4321::2 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
exit
int lo1
vrf for v1
ipv4 addr 2.2.2.12 255.255.255.255
ipv6 addr 4321::12 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
exit
int lo2
vrf for v1
ipv4 addr 2.2.2.22 255.255.255.255
ipv6 addr 4321::22 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
exit
int eth1
vrf for v1
ipv4 addr 1.1.1.2 255.255.255.252
ipv6 addr 1234:1::2 ffff:ffff::
exit
router bgp4 1
vrf v1
no safe-ebgp
address ouni
local-as 2
router-id 4.4.4.2
neigh 1.1.1.1 remote-as 1
afi-other ena
no afi-other vpn
afi-other red conn
exit
router bgp6 1
vrf v1
no safe-ebgp
address ouni
local-as 2
router-id 6.6.6.2
neigh 1234:1::1 remote-as 1
afi-other ena
no afi-other vpn
afi-other red conn
exit
r1 tping 100 60 2.2.2.2 vrf v1
r1 tping 100 60 4321::2 vrf v1
r1 tping 0 60 2.2.2.12 vrf v1
r1 tping 0 60 4321::12 vrf v1
r1 tping 100 60 2.2.2.22 vrf v1
r1 tping 100 60 4321::22 vrf v1
r2 tping 100 60 2.2.2.1 vrf v1
r2 tping 100 60 4321::1 vrf v1
r2 tping 100 60 2.2.2.11 vrf v1
r2 tping 100 60 4321::11 vrf v1
r2 tping 100 60 2.2.2.21 vrf v1
r2 tping 100 60 4321::21 vrf v1
- Install ContainerLab as described here
- Fetch rout-bgp453 file
- Launch ContainerLab
rout-bgp453.yml
topology:
containerlab deploy --topo rout-bgp453.yml
rout-bgp453.yml
topology:
containerlab destroy --topo rout-bgp453.yml