Route-map Nesting
Route-maps can be used to filter incoming updates from a BGP peer. The match route-map command within a route-map allows another route-map to be called as a subroutine. The nested route-map is evaluated, and if it returns permit, it is treated as a match; if it returns deny, it is treated as a no-match. A route-map must exist to be nested.
Topology
In the below example, router R2 sets the metric to 300 for all the routes except those with the prefix 20.1.2.0/23. Router R1 then filters incoming route advertisements by matching metric 300 and matching the nested route-map CHILD.
In the CHILD route-map, the sequence 10 denies prefix 10.1.1.0/24, while sequence 20 denies prefix 1.1.1.0/24 and permits all other routes. Since 20.1.2.0/23 is the only route from R2 with a metric different from 300, it is denied.
Figure 25. Route-map Nesting
The nested route-map is referred to only by the name, so the first route-map in the sequence with the same name will be evaluated, and if no match is found, the next in the sequence will be evaluated. This continues until a match is found or the sequence ends. A maximum of 8 route-maps can be nested within a route-map instance at the same time. Note that more than 4 levels of nesting are not allowed.
Configure Route-map
R1
|
R1#configure terminal |
Enter configure mode. |
|
R1(config)#ip prefix-list ABC |
Create an entry in the prefix-list. The |
|
R1(config-ip-prefix-list)#seq 5 deny 1.1.1.0/24 ge 26 le 28 |
The sequence number of the prefix entry is specified as The minimum and maximum prefix lengths to be matched are |
|
R1(config-ip-prefix-list)#seq 10 permit any |
The sequence number of the prefix-list entry is specified as 10. The permit parameter |
|
R1(config-ip-prefix-list)#exit |
Exit prefix-list mode. |
|
R1(config)#ip prefix-list ABC2 |
Create an entry in the prefix-list. The |
|
R1(config-ip-prefix-list)#seq 5 permit 10.1.1.0/24 |
The sequence number of the prefix entry is specified as |
|
R1(config-ip-prefix-list)#exit |
Exit prefix-list mode |
|
R1(config)#route-map PARENT permit 10 |
Create the PARENT route-map. |
|
R1(config-route-map)#match route-map CHILD |
Match route-map CHILD as a subroutine. If a match is returned, this match condition is satisfied. |
|
R1(config-route-map)#match metric 300 |
Match only the routes with the metric 300. |
|
R1(config-route-map)#exit |
Exit Route-map mode and return to Configure mode. |
|
R1(config)#route-map CHILD deny 10 |
Create an entry with the sequence number |
|
R1(config-route-map)#match ip address prefix-list ABC2 |
Set the match criteria based on the prefix-list ABC2. As the prefix 10.1.1.0/24 will be a match, and the action of the route-map is “deny”, the routes with the prefix 10.1.1.0/24 will be denied. If an entry does not have a match, the next route-map in the sequence will be evaluated. |
|
R1(config-route-map)#exit |
Exit Route-map mode and return to Configure mode. |
|
R1(config)#route-map CHILD permit 20 |
Create an entry with the sequence number |
|
R1(config-route-map)#match ip address prefix-list ABC |
Set the match criteria based on the prefix-list |
|
R1(config-route-map)#exit |
Exit Route-map mode and return to Configure mode. |
|
R1(config)#router bgp 10 |
Define the routing process, and establish a TCP session. The number 10 specifies the AS number of R1. |
|
R1(config-router)#neighbor 192.168.10.11 remote-as 11 |
Define BGP neighbors, and establish a TCP session. 192.168.10.11 is the IP address of the neighbor (R2), and |
|
R1(config-router)#address-family ipv4 unicast |
Enter address-family ipv4 unicast mode. |
|
R1(config-router-af)#neighbor 192.168.10.11 activate |
Activate the neighbor in the IPv4 address family. |
|
R1(config-router-af)#neighbor 192.168.10.11 route-map PARENT in |
Apply a route map to routes. 192.168.10.11 specifies the IP address of the BGP neighbor. The name of the route map is PARENT, and the |
|
R1(config-router-af)#exit-address-family |
Exit address-family mode. |
|
R1(config-router)#commit |
Commit the candidate configuration to the running configuration. |
R2
|
R2(config)#ip prefix-list PLIST |
Create an entry in the prefix-list. The name of the prefix-list is |
|
R2(config-ip-prefix-list)#seq 5 deny 20.1.2.0/23 |
The sequence number or position of the prefix entry is specified as
|
|
R2(config-ip-prefix-list)#seq 10 permit any |
The sequence number or position of this prefix entry is specified as |
|
R2(config-ip-prefix-list)#exit |
Exit the prefix-list mode . |
|
R2(config)#route-map TEST permit 10 |
Enter Route-map mode to set the match operation. |
|
R2(config-route-map)#match ip address prefix-list PLIST |
Set the match criteria based on the prefix-list PLIST |
|
R2(config-route-map)#set metric 300 |
Configure the set action. If the match condition is satisfied, the metric is set to 300. |
|
R2(config-route-map)#exit |
Exit Route-map mode and return to Configure mode. |
|
R2 (config)#interface lo |
Enter loopback interface mode. |
|
R2(config-if)#ip address 1.1.1.1/27 secondary |
Specify a secondary interface address. |
|
R2(config-if)#ip address 1.1.2.1/24 secondary |
Specify a secondary interface address |
|
R2(config-if)#ip address 10.1.1.1/24 secondary |
Specify a secondary interface address |
|
R2(config-if)#ip address 20.1.1.1/24 secondary |
Specify a secondary interface address |
|
R2(config-if)#ip address 20.1.2.1/23 secondary |
Specify a secondary interface address |
|
R2(config-if)#ip address 30.1.1.1/28 secondary |
Specify a secondary interface address |
|
R2(config-if)#exit |
Exit loopback interface mode. |
|
R2(config)#router bgp 11 |
Define the routing process, and establish a TCP session. The number |
|
R2(config-router)#neighbor 192.168.10.10 remote-as 10 |
Define BGP neighbors, and establish a TCP session. 192.168.10.10 is the IP address of the neighbor (R1), and |
|
R2(config-router)#address-family ipv4 unicast |
Enter address-family IPv4 unicast mode |
|
R2(config-router-af)#neighbor 192.168.10.10 activate |
Activate the neighbor in the IPv4 address family. |
|
R2(config-router-af)#neighbor 192.168.10.10 route-map TEST out |
Apply a route map to routes. |
| R2(config-router-af)#network 1.1.1.0/27 | Specify the network to be advertised by the BGP routing process. |
| R2(config-router-af)#network 1.1.2.0/24 | Specify the network to be advertised by the BGP routing process. |
|
R2(config-router-af)#network 10.1.1.0/24 |
Specify the network to be advertised by the BGP routing process. |
|
R2(config-router-af)#network 20.1.1.0/24 |
Specify the network to be advertised by the BGP routing process. |
|
R2(config-router-af)#network 20.1.2.0/23 |
Specify the network to be advertised by the BGP routing process. |
|
R2(config-router-af)#network 30.1.1.0/28 |
Specify the network to be advertised by the BGP routing process. |
|
R2(config-router-af)#exit-address-family |
Exit router mode. |
|
R2(config-router)#commit |
Commit the candidate configuration to the running configuration. |
Validation
Here is the validation:
#sh ip bgp
BGP table version is 2, local router ID is 172.16.0.14
Status codes: s suppressed, d damped, h history, a add-path, b back-up, * valid,
> best, i - internal,
l - labeled, S Stale, x-EVPN
Origin codes: i - IGP, e - EGP, ? - incomplete
Description : Ext-Color - Extended community color
Network Next Hop Metric LocPrf Weight Path Ext-Co
lor
*> 1.1.2.0/24 192.168.10.11 300 100 0 11 i -
*> 20.1.1.0/24 192.168.10.11 300 100 0 11 i -
*> 30.1.1.0/28 192.168.10.11 300 100 0 11 i -
Total number of prefixes 3