Route-Map
This scenario demonstrates how to configure route-map filtering for IPv6 BGP neighbors. The route-map command applies route-map filters to routes sent to or received from a neighbor. Options include import (filter incoming routes) and export (filter outgoing routes).
Test iBGP IPv6 - Route-map import filter
Description
Test to verify that route-map import filters incoming routes. DUT0 has a route-map that only permits 2001:db8:10::/64. DUT1 advertises two routes but DUT0 should only receive 2001:db8:10::/64.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address '2001:db8:1::100/64' set protocols bgp 20 neighbor peer address-family ipv6-unicast activate set protocols bgp 20 neighbor peer address-family ipv6-unicast route-map import IMPORT-MAP set protocols bgp 20 neighbor peer remote-address '2001:db8:1::200' set protocols bgp 20 neighbor peer remote-as 20 set protocols bgp 20 parameters router-id 1.1.1.100 set protocols ipv6 prefix-list IMPORT-PFX rule 10 action permit set protocols ipv6 prefix-list IMPORT-PFX rule 10 prefix '2001:db8:10::/64' set protocols route-map IMPORT-MAP rule 10 action permit set protocols route-map IMPORT-MAP rule 10 match ipv6 address prefix-list IMPORT-PFX set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces dummy dum0 address '2001:db8:10::1/64' set interfaces dummy dum1 address '2001:db8:20::1/64' set interfaces ethernet eth0 address '2001:db8:1::200/64' set protocols bgp 20 address-family ipv6-unicast redistribute connected set protocols bgp 20 neighbor peer address-family ipv6-unicast activate set protocols bgp 20 neighbor peer remote-address '2001:db8:1::100' set protocols bgp 20 neighbor peer remote-as 20 set protocols bgp 20 parameters router-id 1.1.1.200 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Attention
Verify iBGP session establishes between DUT0 and DUT1.
Step 3: Run command protocols bgp show ipv6 summary at DUT0 and check if output matches the following regular expressions:
2001:db8:1::200.*EstablishedShow output
IPv6 Unicast Summary: BGP router identifier 1.1.1.100, local AS number 20 VRF default vrf-id 0 BGP table version 0 RIB entries 0, using 0 bytes of memory Peers 1, using 24 KiB of memory Neighbor LocalAddr V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State PfxRcd PfxSnt Desc 2001:db8:1::200 0.0.0.0 4 20 2 2 0 0 0 00:00:01 Established 0 0 FRRouting/10.4.1 Total number of neighbors 1
Attention
Verify that DUT0 receives only 2001:db8:10::/64 (permitted by route-map).
Step 4: Run command protocols bgp show ipv6 at DUT0 and check if output matches the following regular expressions:
2001:db8:10::/64Show output
BGP table version is 1, local router ID is 1.1.1.100, vrf id 0 Default local pref 100, local AS 20 local address - Status codes: s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *>i 2001:db8:10::/64 fe80::dcad:beff:feef:6c10 0 100 0 ? Displayed 1 routes and 1 total paths
Test iBGP IPv6 - Route-map export filter
Description
Test to verify that route-map export filters outgoing routes. DUT1 has a route-map that only permits 2001:db8:10::/64 for export. DUT1 has two routes but only exports 2001:db8:10::/64 to DUT0.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address '2001:db8:1::100/64' set protocols bgp 20 neighbor peer address-family ipv6-unicast activate set protocols bgp 20 neighbor peer remote-address '2001:db8:1::200' set protocols bgp 20 neighbor peer remote-as 20 set protocols bgp 20 parameters router-id 1.1.1.100 set protocols ipv6 prefix-list IMPORT-PFX rule 10 action permit set protocols ipv6 prefix-list IMPORT-PFX rule 10 prefix '2001:db8:10::/64' set protocols route-map IMPORT-MAP rule 10 action permit set protocols route-map IMPORT-MAP rule 10 match ipv6 address prefix-list IMPORT-PFX set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces dummy dum0 address '2001:db8:10::1/64' set interfaces dummy dum1 address '2001:db8:20::1/64' set interfaces ethernet eth0 address '2001:db8:1::200/64' set protocols bgp 20 address-family ipv6-unicast redistribute connected set protocols bgp 20 neighbor peer address-family ipv6-unicast activate set protocols bgp 20 neighbor peer address-family ipv6-unicast route-map export EXPORT-MAP set protocols bgp 20 neighbor peer remote-address '2001:db8:1::100' set protocols bgp 20 neighbor peer remote-as 20 set protocols bgp 20 parameters router-id 1.1.1.200 set protocols ipv6 prefix-list EXPORT-PFX rule 10 action permit set protocols ipv6 prefix-list EXPORT-PFX rule 10 prefix '2001:db8:10::/64' set protocols route-map EXPORT-MAP rule 10 action permit set protocols route-map EXPORT-MAP rule 10 match ipv6 address prefix-list EXPORT-PFX set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Attention
Verify iBGP session establishes between DUT0 and DUT1.
Step 3: Run command protocols bgp show ipv6 summary at DUT0 and check if output matches the following regular expressions:
2001:db8:1::200.*EstablishedShow output
IPv6 Unicast Summary: BGP router identifier 1.1.1.100, local AS number 20 VRF default vrf-id 0 BGP table version 1 RIB entries 1, using 128 bytes of memory Peers 1, using 24 KiB of memory Neighbor LocalAddr V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State PfxRcd PfxSnt Desc 2001:db8:1::200 0.0.0.0 4 20 5 4 1 0 0 00:00:01 Established 1 0 FRRouting/10.4.1 Total number of neighbors 1
Attention
Verify that DUT0 receives only 2001:db8:10::/64 (permitted by export route-map).
Step 4: Run command protocols bgp show ipv6 at DUT0 and check if output matches the following regular expressions:
2001:db8:10::/64Show output
BGP table version is 1, local router ID is 1.1.1.100, vrf id 0 Default local pref 100, local AS 20 local address - Status codes: s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *>i 2001:db8:10::/64 fe80::dcad:beff:feef:6c10 0 100 0 ? Displayed 1 routes and 1 total paths
Test iBGP IPv6 - Route-map set metric
Description
Test to verify that route-map can modify route attributes. DUT1 exports routes with metric 100 set by route-map. DUT0 should receive routes with the modified metric.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address '2001:db8:1::100/64' set protocols bgp 20 neighbor peer address-family ipv6-unicast activate set protocols bgp 20 neighbor peer remote-address '2001:db8:1::200' set protocols bgp 20 neighbor peer remote-as 20 set protocols bgp 20 parameters router-id 1.1.1.100 set protocols ipv6 prefix-list IMPORT-PFX rule 10 action permit set protocols ipv6 prefix-list IMPORT-PFX rule 10 prefix '2001:db8:10::/64' set protocols route-map IMPORT-MAP rule 10 action permit set protocols route-map IMPORT-MAP rule 10 match ipv6 address prefix-list IMPORT-PFX set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces dummy dum0 address '2001:db8:10::1/64' set interfaces dummy dum1 address '2001:db8:20::1/64' set interfaces ethernet eth0 address '2001:db8:1::200/64' set protocols bgp 20 address-family ipv6-unicast redistribute connected set protocols bgp 20 neighbor peer address-family ipv6-unicast activate set protocols bgp 20 neighbor peer address-family ipv6-unicast route-map export SET-METRIC set protocols bgp 20 neighbor peer remote-address '2001:db8:1::100' set protocols bgp 20 neighbor peer remote-as 20 set protocols bgp 20 parameters router-id 1.1.1.200 set protocols route-map SET-METRIC rule 10 action permit set protocols route-map SET-METRIC rule 10 set metric 100 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Attention
Verify iBGP session establishes between DUT0 and DUT1.
Step 3: Run command protocols bgp show ipv6 summary at DUT0 and check if output matches the following regular expressions:
2001:db8:1::200.*EstablishedShow output
IPv6 Unicast Summary: BGP router identifier 1.1.1.100, local AS number 20 VRF default vrf-id 0 BGP table version 0 RIB entries 0, using 0 bytes of memory Peers 1, using 24 KiB of memory Neighbor LocalAddr V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State PfxRcd PfxSnt Desc 2001:db8:1::200 0.0.0.0 4 20 2 2 0 0 0 00:00:00 Established 0 0 FRRouting/10.4.1 Total number of neighbors 1
Attention
Verify that DUT0 receives route 2001:db8:10::/64 with metric 100.
Step 4: Run command protocols bgp show ipv6 at DUT0 and check if output matches the following regular expressions:
2001:db8:10::/64[\s\S]*?100Show output
BGP table version is 3, local router ID is 1.1.1.100, vrf id 0 Default local pref 100, local AS 20 local address - Status codes: s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *>i 2001:db8:1::/64 fe80::dcad:beff:feef:6c10 100 100 0 ? *>i 2001:db8:10::/64 fe80::dcad:beff:feef:6c10 100 100 0 ? *>i 2001:db8:20::/64 fe80::dcad:beff:feef:6c10 100 100 0 ? Displayed 3 routes and 3 total paths