Did you clear the sessions when you made the changes?
On Tue, Oct 29, 2013 at 2:42 PM, Mohammad Moghaddas <[email protected]>wrote: > Marko, > > thanks for the tip. > I know what you mean. Everything is OK in the peer-policy using outbound > route-map and inbound prefix-list. > The problem arises when configuring inbound route-map/filter-list in the > template (even when not configuring them simultaneously, also I removed the > inbound prefix-list in the template) . As I said, when assigning the > inbound route-map/filter-list directly to the neighbor, the issue is solved. > > > On Wed, Oct 30, 2013 at 1:03 AM, Marko Milivojevic <[email protected]>wrote: > >> Mohammad, >> >> Please note the order of processing. >> >> Inbound: >> 1) Route-map >> 2) Filter-list >> 3) Prefix-list >> 3) -or- Distribute-list >> >> Outbound: >> 1) Distribute-list >> 1) -or- Prefix-list >> 2) Filter-list >> 3) Route-map >> >> This could be causing at least some of the issues you are seeing >> (route-map appearing ineffective). As for the other cases, I have to admit >> that's not how I understand IOS to work, but some more looking into could >> be in order :-) >> >> >> On Tue, Oct 29, 2013 at 2:20 PM, Mohammad Moghaddas < >> [email protected]> wrote: >> >>> Hi Marko. >>> >>> Also, I tried to use a route-map matching the as-path, but still no >>> result. I tried further and it seemed that the route-map is no functioning >>> at all even when matching prefix-list !!! >>> >>> The below configuration didn't function using filter-list: >>> >>> ROUTER#sr | s as-path >>> ip as-path access-list 100 deny _11111_ >>> ip as-path access-list 100 permit .* >>> >>> ROUTER#sr | s prefix >>> ip prefix-list COMPANY_IX-in seq 1 deny 0.0.0.0/0 >>> ip prefix-list COMPANY_IX-in seq 2 deny 172.16.0.0/12 le 32 >>> ip prefix-list COMPANY_IX-in seq 3 deny 10.0.0.0/8 le 32 >>> ip prefix-list COMPANY_IX-in seq 4 deny 192.168.0.0/16 le 32 >>> ip prefix-list COMPANY_IX-in seq 5 deny a.b.c.0/18 le 32 >>> ip prefix-list COMPANY_IX-in seq 6 deny 127.0.0.0/8 le 32 >>> ip prefix-list COMPANY_IX-in seq 7 deny 169.254.0.0/16 le 32 >>> ip prefix-list COMPANY_IX-in seq 8 deny 224.0.0.0/3 le 32 >>> ip prefix-list COMPANY_IX-in seq 9 deny 0.0.0.0/8 le 32 >>> ip prefix-list COMPANY_IX-in seq 10 deny 0.0.0.0/0 ge 25 >>> ip prefix-list COMPANY_IX-in seq 100 permit 0.0.0.0/0 le 32 >>> >>> ROUTER#s|b >>> ! >>> template peer-policy IX >>> route-map IX_BGP-OUT out >>> filter-list 100 in >>> prefix-list COMPANY_IX-in in >>> soft-reconfiguration inbound >>> send-community both >>> ! >>> neighbor 10.234.230.61 remote-as 22222 >>> neighbor 10.234.230.61 description IX_NEIGHBOR >>> neighbor 10.234.230.61 inherit peer-policy IX >>> >>> ROUTER#clear ip bgp neigh 10.234.230.61 in >>> ROUTER#sibn 10.234.230.61 routes | i 11111 >>> !!!!THE ROUTES through AS11111 are showing up!!!! >>> >>> ROUTER#sh ip bgp rege _11111_ >>> !!!!THE ROUTES through AS11111 are showing up!!!! >>> >>> Then I changed the below parts of the configuration: >>> >>> ROUTER#s|b >>> ! >>> template peer-policy IX >>> NO filter-list 100 in >>> ! >>> neighbor 10.234.230.61 filter-list 100 in >>> >>> ROUTER#clear ip bgp neigh 10.234.230.61 in >>> ROUTER#sibn 10.234.230.61 routes | i 11111 >>> !!!!THE ROUTES through AS11111 are gone!!!! >>> >>> ROUTER#sh ip bgp rege _11111_ >>> !!!!THE ROUTES through AS11111 are gone!!!! >>> >>> Best Regards, >>> *Mohammad Moghaddas* >>> >>> >>> On Wed, Oct 30, 2013 at 12:31 AM, Marko Milivojevic <[email protected] >>> > wrote: >>> >>>> >>>> Can you please post your relevant configurations as well as the test >>>> results that show it not working? Thanks. >>>> >>>> -- >>>> Marko Milivojevic - CCIE #18427 (SP R&S) >>>> Senior CCIE Instructor / Managing Partner - IPexpert >>>> >>>> >>>> On Tue, Oct 29, 2013 at 1:39 PM, Mohammad Moghaddas < >>>> [email protected]> wrote: >>>> >>>>> Hi. >>>>> >>>>> Sorry for posting an OT. >>>>> I've configured a filter-list in a "template peer-policy", but it's not >>>>> functioning. >>>>> But when assigning the filter-list directly to a neighbor, everything >>>>> is >>>>> fine. >>>>> Is it something sort of an IOS bug? >>>>> ROUTER(config)#do s ver >>>>> Cisco IOS Software, c7600rsp72043_rp Software >>>>> (c7600rsp72043_rp-ADVENTERPRISEK9-M), Version 15.1(3)S, RELEASE >>>>> SOFTWARE >>>>> (fc1) >>>>> >>>>> Best Regards, >>>>> *Mohammad Moghaddas* >>>>> _______________________________________________ >>>>> For more information regarding industry leading CCIE Lab training, >>>>> please visit www.ipexpert.com >>>>> >>>>> Are you a CCNP or CCIE and looking for a job? Check out >>>>> www.PlatinumPlacement.com >>>>> >>>>> http://onlinestudylist.com/mailman/listinfo/ccie_rs >>>>> >>>> >>>> >>> >> > _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://onlinestudylist.com/mailman/listinfo/ccie_rs
