BGP: CONCEPT: ROUTE MAP


Route-Map

Route-Map is a set of conditions(combination of match and set conditions), to control or modify routing information or traffic.

BGP route maps are of two types

those that support both match and set clauses,

and those that support only match clauses

Route-Map is more like a Function defined in programming Language, “C”

In C-Language, Function is defined using If and Then conditions. Whenever required during programming,

Function is simply called in that point

In BGP, Route-Map is defined using Match and set conditions. When required to modify traffic, Route-Map is called.

You can use one or more of the following mechanisms to configure routing policy:

Access lists
Prefix trees
Community lists
Route maps
Prefix lists

BGP supports the clauses listed below for match-and-set route maps.

match as-path set as-path prepend
match community set comm-list delete
match distance set community
match extcommunity set dampening
match ip address set extcommunity
match ip next-hop set ip next-hop
match level set local-preference
match metric set metric
match metric-type set metric-type
match route-type set origin
match tag set tag
set weight

When Route-map is required?

BGP route maps can be applied to modify or control inbound routes, outbound routes, and redistributed routes.

Route-Map syntax

route−map map−tag [permit | deny]  [sequence−number]

Example: route-map  routetest  permit 10

Here, routetest is simply the name of the route-map

Case:

In route-map, we have option of permit and deny.

In route-map, Access list is used. In Access list, again we have the option of permit and deny

So, to avoid confusion, it is preferred to use permit in case of Route map

&

permit and deny in case of Access-List

How permit works?

If the match criteria are met and we have a permit then the routes will be controlled as specified by the set action and we break out of the list

How deny works?

If the match criteria are met and we have a deny then the route will not be controlled  and we break out of the list.

If we finish the list without a match then the route we are looking at will not be accepted nor forwarded.

Exception:

when route-map is used for filtering BGP updates rather than when redistributing between protocols, you can not filter on the inbound when using a “match” on the ip address.

Scenario

Example 1:

Assume RTA and RTB are running rip; RTA and RTC are running BGP. RTA is getting updates via BGP and redistributing them to rip. If RTA wants to redistribute to RTB routes about 170.10.0.0 with a metric of 2 and all other routes with a metric of 5 then we might use the following configuration:

RTA#
router rip
network 3.0.0.0
network 2.0.0.0
network 150.10.0.0
passive−interface Serial0
redistribute bgp 100 route−map SETMETRIC
router bgp 100
neighbor 2.2.2.3 remote−as 300
network 150.10.0.0
route−map SETMETRIC permit 10
match ip−address 1
set metric 2
route−map SETMETRIC permit 20
set metric 5
access−list 1 permit 170.10.0.0 0.0.255.255

In the above example if a route matches the IP address 170.10.0.0 it will have a metric of 2 and then we break out of the route map list. If there is no match then we go down the route map list which says, set everything else to metric 5. It is always very important to ask the question, what will happen to routes that do not match any of the match statements because they will be dropped by default.

Example 2:
Suppose in the above example we did not want AS100 to accept updates about 170.10.0.0. Since route maps cannot be applied on the inbound when matching based on an ip address, we have to use an outbound route map on RTC:

RTC#
router bgp 300
network 170.10.0.0
neighbor 2.2.2.2 remote−as 100
neighbor 2.2.2.2 route−map STOPUPDATES out
route−map STOPUPDATES permit 10
match ip address 1
access−list 1 deny 170.10.0.0 0.0.255.255
access−list 1 permit 0.0.0.0 255.255.255.255

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s