Prefix-List

This scenario demonstrates how to configure prefix-list filtering for BGP neighbors. A prefix-list defines which IP prefixes can be advertised to or received from a BGP neighbor based on IP prefix matching. Unlike route-maps which can match many attributes (AS-path, communities, etc.), prefix-lists are optimized for simple and efficient IP prefix filtering. In this test, DUT0 is configured with a prefix-list that only permits advertisement of 1.1.1.0/24, preventing the directly connected network 10.215.200.0/24 from being advertised to DUT1. This is useful for controlling which routes are shared with BGP peers.

Test BGP with prefix-list

Description

Test to verify that prefix-list filtering controls which routes are advertised to BGP neighbors. DUT0 exports only routes matching prefix-list pl1 (1.1.1.0/24). DUT1 should receive route 1.1.1.0/24 but NOT the connected network 10.215.200.0/24.

Scenario

Step 1: Set the following configuration in DUT1 :

set interfaces ethernet eth0 address 10.215.200.50/24
set protocols bgp 20 neighbor peer remote-address 10.215.200.100
set protocols bgp 20 neighbor peer remote-as 10
set protocols bgp 20 neighbor peer route-map import PERMIT
set protocols route-map PERMIT rule 1 action permit
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 2: Set the following configuration in DUT0 :

set interfaces ethernet eth0 address 10.215.200.100/24
set protocols bgp 10 neighbor peer prefix-list export pl1
set protocols bgp 10 neighbor peer remote-address 10.215.200.50
set protocols bgp 10 neighbor peer remote-as 20
set protocols bgp 10 neighbor peer route-map export PERMIT
set protocols bgp 10 redistribute connected
set protocols ip prefix-list pl1 rule 1 action permit
set protocols ip prefix-list pl1 rule 1 prefix 1.1.1.0/24
set protocols route-map PERMIT rule 1 action permit
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Attention

Verify that DUT1 initially has no BGP routes because DUT0 has not yet configured the dummy interface.

Step 3: Run command protocols bgp show ip at DUT1 and check if output matches the following regular expressions:

No BGP prefixes displayed, 0 exist

Attention

Add dummy interface on DUT0 to create route 1.1.1.0/24 that matches the prefix-list.

Step 4: Modify the following configuration lines in DUT0 :

set interfaces dummy dum0 address 1.1.1.1/24

Attention

Verify that DUT1 receives route 1.1.1.0/24 via BGP from DUT0.

Step 5: Run command protocols bgp show ip at DUT1 and check if output matches the following regular expressions:

[\s\S]*1.1.1.0/24\s+10.215.200.100[\s\S]*

Attention

Verify that DUT1 does NOT receive the connected network 10.215.200.0/24 (filtered by prefix-list).

Step 6: Run command protocols bgp show ip at DUT1 and check if output does not match the following regular expressions:

10.215.200.0/24