[Contents] [Prev] [Next] [Index] [Report an Error]

Configuring Private and Exchange Peers on ISP Router 1 and 2

ISP Router 1 and ISP Router 2 each have two policies configured: the private-peers policy and the exchange-peers policy. Because of their similar configurations, this example describes the configuration for only ISP Router 2.

On ISP Router 2, the private-peers policy sends the ISP customer routes to the Private Peer 2 router. The policy accepts all local static routes (local ISP Router 2 customers) and all BGP routes in the 192.168.0/17 range (advertised by other ISP routers). These two terms represent the ISP customer routes. The final term rejects all other routes, which includes the entire Internet routing table sent by the exchange peers. These routes do not need to be sent to Private Peer 2 for two reasons:

The peer already maintains a connection to Exchange Peer 2 in our example, so the routes are redundant.
The Private Peer wants customer routes only. The private-peers policy accomplishes this goal. The exchange-peers policy sends routes to the Exchange Peer 2 router.

In the example, only two routes need to be sent to Exchange Peer 2:

The aggregate route that represents the AS 1000 routing space of 192.168.0/17. This route is configured as an aggregate route locally and is advertised by the exchange-peers policy.
The address space assigned to Customer 2, 192.168.64/22. This smaller aggregate route needs to be sent to Exchange Peer 2 because the customer is also attached to the AS 8000 peer (Private Peer 2).

Sending these two routes to Exchange Peer 2 allows other networks in the Internet to reach the customer through either the ISP or the Private Peer. If just the Private Peer were to advertise the /22 network while the ISP maintained only its /17 aggregate, then all traffic destined for the customer would transit AS 8000 only. Because the customer also wants routes from the ISP, the 192.168.64/22 route is announced by ISP Router 2. Like the larger aggregate route, the 192.168.64/22 route is configured locally and is advertised by the exchange-peers policy. The final term in that policy rejects all routes, including the specific customer networks of the ISP, the customer routes from Private Peer 1, the customer routes from Private Peer 2, and the routing table from Exchange Peer 1. In essence, this final term prevents the ISP from performing transit services for the Internet at large.



[edit]
routing-options {


static {
route 192.168.32.0/22 reject;
route 192.168.36.0/22 reject;
route 192.168.40.0/22 reject;
route 192.168.44.0/22 reject;
route 192.168.48.0/22 reject;
route 192.168.52.0/22 reject;
route 192.168.32.0/21 reject;
route 192.168.40.0/21 reject;
route 192.168.48.0/21 reject;
}




aggregate {
route 192.168.0.0/17;
route 192.168.64.0/22;
}


autonomous-system 1000;
}
protocols {


bgp {


group Internal-Peers {
type internal;
local-address 192.168.0.2;
export internal-peers;
neighbor 192.168.0.1;
neighbor 192.168.0.3;
}




group AS8000-Peers {
type external;
export private-peers;
peer-as 8000;
neighbor 10.222.45.2;
}




group AS22222-Peers {
type external;
export exchange-peers;
peer-as 22222;
neighbor 10.222.46.1;
}


}




isis {
level 1 disable;
interface so-0/0/0.0;
interface ge-0/2/0.0;
interface lo0.0;
}


}
policy-options {


policy-statement internal-peers {


term statics {
from protocol static;
then accept;
}




term next-hop-self {


then {
next-hop self;
}


}


}




policy-statement private-peers {


term statics {
from protocol static;
then accept;
}




term isp-and-customer-routes {


from {
protocol bgp;
route-filter 192.168.0.0/17 orlonger;
}


then accept;
}




term reject-all {
then reject;
}


}




policy-statement exchange-peers {


term AS1000-Aggregate {


from {
protocol aggregate;
route-filter 192.168.0.0/17 exact;
}


then accept;
}




term Customer-2-Aggregate {


from {
protocol aggregate;
route-filter 192.168.64.0/22 exact;
}


then accept;
}




term reject-all-other-routes {
then reject;
}


}


}

[Contents] [Prev] [Next] [Index] [Report an Error]