Enabling bgp and igp route synchronization, Limiting prefixes received from a peer/peer group – H3C Technologies H3C SecPath F1000-E User Manual

Page 480

455

To configure BGP route reception filtering policies:

Step Command

Remarks

Enter system view.

system-view

N/A

Enter BGP view.

bgp as-number

N/A

Configure BGP route

reception filtering
policies.

•

Filter incoming routes with an ACL or IP prefix

list:
filter-policy { acl-number | ip-prefix

ip-prefix-name } import

•

Reference a routing policy to filter routes from

a peer/peer group:

peer { group-name | ip-address }

route-policy route-policy-name import

•

Reference an ACL to filter routing information

from a peer/peer group:

peer { group-name | ip-address } filter-policy
acl-number import

•

Reference an AS path ACL to filter routing

information from a peer/peer group:
peer { group-name | ip-address } as-path-acl

as-path-acl-number import

•

Reference an IP prefix list to filter routing

information from a peer/peer group:

peer { group-name | ip-address } ip-prefix

ip-prefix-name import

Configure at least one
command.
By default, no route reception

filtering is configured.
If several filtering policies are

configured, they are applied
in the following sequence:

filter-policy import

peer filter-policy import

peer as-path-acl import

peer ip-prefix import

peer route-policy import

Only routes passing all the
configured policies can be

received.

Enabling BGP and IGP route synchronization

By default, upon receiving an IBGP route, a BGP router checks the route's next hop. If the next hop is
reachable, the BGP router advertises the route to EBGP peers. If the synchronization feature is configured,

in addition to the reachability check of the next hop, the BGP router must find an active IGP route to the

same destination network segment before it can advertise the IBGP route (use the display ip routing-table

protocol command to check the IGP route state).
To enable BGP and IGP synchronization:

Step Command

Remarks

Enter system view.

system-view

N/A

Enter BGP view.

bgp as-number

N/A

Enable synchronization between
BGP and IGP.

synchronization

Not enabled by default.

Limiting prefixes received from a peer/peer group

Step Command

Remarks

Enter system view.

system-view

N/A

Enter BGP view.

bgp as-number

N/A

This manual is related to the following products:

H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS H3C SecBlade LB Cards H3C SecPath L1000-A Load Balancer