Hi all,
My Vy0S router have a BGP link with our partner. My issue is I had assign route-map to my BGP configuration that only allow certain ip range to be received. However I received other subnet range after my partner accidentally advertise this range.
Vy0S version :
Version: VyOS 1.1.8
Description: VyOS 1.1.8 (helium)
Configuration as below :
Protocol BGP
vyosrouter# sh protocols bgp
bgp 1111 {
neighbor 100.127.x.x {
description “BGP connection”
remote-as 2222
route-map {
export Export
import Import
}
soft-reconfiguration {
inbound
}
update-source vti0
}
Route-Map
vyosrouter# sh policy route-map Import
description “Import route map policy”
rule 1 {
action permit
match {
ip {
address {
prefix-list Permit-IN
}
}
}
}
rule 999 {
action deny
}
Prefix-list
vyosrouter# sh policy prefix-list Permit-IN
description “Allowed received routes IN”
rule 1 {
action permit
description “Subnet 1”
prefix 10.10.100.0/24
}
rule 2 {
action permit
description “Subnet 2”
prefix 10.10.200.0/24
}
BGP Received-routes
vyosrouter:~$ sh ip bgp neighbors 100.127.x.x received-routes
BGP table version is 0, local router ID is 192.168.146.26
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.10.100.0/24 10.2.50.1 0 2222 65112 ?
*> 10.10.200.0/24 10.2.50.1 0 2222 65112 ?
*> 10.16.5.0/24 10.2.50.1 0 2222 65112 ?
*> 172.16.50.0/24 10.2.50.1 0 2222 65112 ?
In routing table shows that I received other ip which are 10.16.5.0/24 and 172.16.50.0/24. It suppose permit prefix list and deny others right? Please advise on this.
Thanks.