Hi guys,
I'm running a lab (eve-ng) to proof the "input.accept-nlri" parameter. I've configured "input.accept-nlri=!filtered" in "/routing/bgp/connection" hierarchy, because even with the rule matching just only the default-route (0.0.0.0/0), any other prefixes are in the memory ("/routing/route print detail where bgp") classified like filtered. After configure this parameter and refresh the BGP session, the filtered prefixes not belong the router.
I'm running a lab (eve-ng) to proof the "input.accept-nlri" parameter. I've configured "input.accept-nlri=!filtered" in "/routing/bgp/connection" hierarchy, because even with the rule matching just only the default-route (0.0.0.0/0), any other prefixes are in the memory ("/routing/route print detail where bgp") classified like filtered. After configure this parameter and refresh the BGP session, the filtered prefixes not belong the router.
Code:
[admin@MikroTik] > /routing/route/print where bgpFlags: F - FILTERED, A - ACTIVE; b - BGPColumns: DST-ADDRESS, GATEWAY, AFI, DISTANCE, SCOPE, TARGET-SCOPE, IMMEDIATE-GW DST-ADDRESS GATEWAY AFI DIS SC TA IMMEDIATE-GW >Ab 0.0.0.0/0 X.X.X.X ip4 20 40 10 PEER1 b 0.0.0.0/0 Y.Y.Y.Y ip4 20 40 10 PEER2Fb 1.1.1.0/24 X.X.X.X ip4 20 40 10 PEER1Fb 2.2.2.0/24 X.X.X.X ip4 20 40 10 PEER1Fb 2.2.2.0/24 Y.Y.Y.Y ip4 20 40 10 PEER2Fb 3.3.3.0/24 X.X.X.X ip4 20 40 10 PEER1Fb 4.4.4.0/24 X.X.X.X ip4 20 40 10 PEER1Fb 5.5.5.0/24 Y.Y.Y.Y ip4 20 40 10 PEER2Fb 6.6.6.0/24 Y.Y.Y.Y ip4 20 40 10 PEER2Fb 7.7.7.0/24 Y.Y.Y.Y ip4 20 40 10 PEER2Code:
[admin@MikroTik] > /routing/bgp/connection/print detail where name=PEER1Flags: D - dynamic, X - disabled, I - inactive 0 name="PEER1" remote.address=X.X.X.X .as=1234 local.address=1.2.3.4 .role=ebgp-peer routing-table=main router-id=1.2.3.4 templates=default as=1111 output.redistribute=connected,static,vpn,dhcp .filter-chain=EBGP-PEER1-OUT input.filter=EBGP-PEER1-IN[b] .accept-nlri=!filtered[/b][admin@MikroTik] > /routing/bgp/connection/print detail where name=PEER2Flags: D - dynamic, X - disabled, I - inactive 1 name="PEER2" remote.address=Y.Y.Y.Y .as=567 local.address=1.2.3.4 .role=ebgp-peer routing-table=main router-id=1.2.3.4 templates=default as=1111 output.redistribute=connected,static,vpn,dhcp .filter-chain=EBGP-PEER2-OUT input.filter=EBGP-PEER2-IN [b].accept-nlri=!filtered[/b]Code:
[admin@MikroTik] > /routing/route/print where bgpFlags: F - FILTERED, A - ACTIVE; b - BGPColumns: DST-ADDRESS, GATEWAY, AFI, DISTANCE, SCOPE, TARGET-SCOPE, IMMEDIATE-GW DST-ADDRESS GATEWAY AFI DIS SC TA IMMEDIATE-GW >Ab 0.0.0.0/0 X.X.X.X ip4 20 40 10 PEER1 b 0.0.0.0/0 Y.Y.Y.Y ip4 20 40 10 PEER2Statistics: Posted by lefigo — Wed Mar 27, 2024 8:26 pm