Category Archives: 3.7.d Implement optimize and troubleshoot routing policies

3.7.d Implement optimize and troubleshoot routing policies

3.7.d [iii] Outbound route filtering


down arrow smaller


read the opening paragraph from rfc5291 in the diagram:

or read the whole thing here:

configure bgp between AS 100 and AS 200; advertise the lo’s from PE1. debug bgp updates.



turn on the orf capability for both sides:


set up a prefix-list and make PE1 send only the routes you want.


 what i like about the debug is you don’t need to check the bgp table…

if you don’t want to be all godzilla when you clear bgp, (like if it’s a production network) the softer way is illustrated below:


have fun orf’ing off…

3.7.d Implement, optimize and troubleshoot routing policies

3.7.d [i] Attribute manipulation

tasks are on the diagram:


the topology is here:

down arrow smaller



BGP doesn’t care that the serial link is slower. in this case the ethernet link was older.



reduce the routing table of AS-2000 so that it is only permitted and from R2, and only from R3.  it’s routing table will look like this:


the final config is below if needed.


3.7.d Implement, optimize and troubleshoot routing policies

3.7.d [i] Attribute manipulation

the tasks are on the diagram:


download this:

down arrow smaller


before AS-PATH manipulation:


note the ttl from ebgp multi-hop set for 2

AS-11#sh run | i multi
neighbor ebgp-multihop 2
neighbor ebgp-multihop 2


go to this link to analyze the cap yourself:

down arrow smaller

and this is the disable-connected:

the next task is to change the path to to use AS-55 using the AS-PATH attribute from AS-22:

AS-22(config-router)#neigh route-map AS-PATH out
AS-22(config-router)#route-map AS-PATH permit 10
AS-22(config-route-map)#set as-path prepend 22 22 22 22 22
AS-22(config-route-map)#match ip add
AS-22(config-route-map)#route-map AS-PATH permit 20
AS-22(config-route-map)#access-list 1 permit
AS-22(config)#router bgp 22
AS-22(config-router)#neigh route-map AS-PATH out


below is an excellent tutorial from

AS-33 will be set up in similar fashion; AS-11 will be slightly different.

i think the concept of inbound and outbound concerning these manipulations gives people headaches. i know it did me. and i also think it’s not explained very well.  try to think of it from the perspective of the advertising router. for instance, AS-11 will receive the 33 route directly from two sources, AS-22 and AS-55 (and indirectly from AS-33, the originator). however, from AS-22’s perspective it is receiving the route in from AS-33, and then advertising the route out, or toward AS-11. conversely, if we want to manipulate the route at AS-11, then the route will be incoming to AS-11 but the policy will be toward neighbor AS-22.

as in:


as with access-lists if desired, DO NOT FORGET the route-map permit at the end. that’ll bite you in the ass…

3.7.d Implement, optimize and troubleshoot routing policies

3.7.d [i] Attribute manipulation

questions, comments:


download this…

down arrow smaller


begin with the IGP; verify connectivity.

R1#sh cdp neigh det | i Device|IP
Device ID: R2
IP address:
Device ID: R3
IP address:

configure eigrp 100; include ONLY the directly connected networks, and loopback ZERO’s.

R1(config-router)#do sh ip route eigrp is subnetted, 1 subnets
D [90/156160] via, 00:00:53, FastEthernet0/0 is subnetted, 1 subnets
D [90/156160] via, 00:00:26, FastEthernet1/0

configure BGP for 65001; use the lo0‘s as update sources; ONLY advertise the loopbacks that are NOT lo0.


configure R2 to send a metric of 200 for it’s advertised networks.

configure R3 to send a metric of 300 for it’s advertised networks.

either clear bgp or wait for rapture.


swap the metric values between R2 and R3. note that R1 now prefers the 100 network of R3, and the metric values of the other two networks have also changed.


specify that R2 and R3 send these metrics for the 100 network ONLY.


note the 0 metrics for the 2 and 3 networks.

swap the metrics back so that R2 is again preferred by R1 for the 100 network, but this time use a network statement in BGP; no acl’s allowed.


IBGP will always adhere to the metric set within it’s confines. if a better metric is set by EBGP, it will be ignored, unless… this is the point of always-compare-med…