在给定的路由器上,我的目标是配置 as-path-access-list,使其不接受任何源自 AS 1 的前缀。以下是命令输出:
Coarse#sho ip bgp
BGP table version is 7, local router ID is 44.44.44.44
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 192.168.34.3 0 3 2 1 i
*> 3.3.3.0/24 192.168.34.3 0 0 3 i
*> 4.4.4.0/24 0.0.0.0 0 32768 i
*> 11.11.11.0/24 192.168.34.3 0 3 2 1 i
*> 33.33.33.0/24 192.168.34.3 0 0 3 i
*> 44.44.44.0/24 0.0.0.0 0 32768 i
现在我需要匹配源自 AS 1 的所有前缀,
Coarse#sho ip bgp regexp 1$
BGP table version is 7, local router ID is 44.44.44.44
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 192.168.34.3 0 3 2 1 i
*> 11.11.11.0/24 192.168.34.3 0 3 2 1 i
将此配置为路径访问列表
Coarse#sho ip as-path-access-list 1
AS path access list 1
deny 1$
Coarse#sho run | sec router bgp
router bgp 4
no synchronization
bgp log-neighbor-changes
network 4.4.4.0 mask 255.255.255.0
network 44.44.44.0 mask 255.255.255.0
neighbor 192.168.14.1 remote-as 1
neighbor 192.168.14.1 filter-list 1 in
neighbor 192.168.34.3 remote-as 3
no auto-summary
Coarse#
但我仍然看到,这些前缀(源自 AS 1)存在于 BGP 表中
Coarse#sho ip bgp
BGP table version is 7, local router ID is 44.44.44.44
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 192.168.34.3 0 3 2 1 i
*> 3.3.3.0/24 192.168.34.3 0 0 3 i
*> 4.4.4.0/24 0.0.0.0 0 32768 i
*> 11.11.11.0/24 192.168.34.3 0 3 2 1 i
*> 33.33.33.0/24 192.168.34.3 0 0 3 i
*> 44.44.44.0/24 0.0.0.0 0 32768 i
你能指导我哪里出错了吗?