Which configuration ensures that the branch router in AS 45123 advertises only the local networks to all SP neighbors?

After some changes in the routing policy, it is noticed that the router in AS 45123 is being used as a transit AS router for several service providers.

Which configuration ensures that the branch router in AS 45123 advertises only the local networks to all SP neighbors?

A)

B)

C)

D)

A . Option A
B . Option B
C . Option C
D . Option D

View Answer

Answer: C

Explanation:

By default BGP advertises all prefixes to external BGP neighbors. This means that if you are multi-homed (connected to two or more ISPs) then you might become a transit AS. For example, ISP 2 in AS 200 can send traffic to your router in AS 100 to reach ISP 3 in AS 300 because you advertised prefixes in ISP 3 to ISP 2.

This is what will be seen in the BGP routing table of ISP1:

ISP1#show ip bgp

–output omitted–

Network Next Hop Metric LocPrf Weight Path

….

*> 3.3.3.0/24 192.168.12.1 0 100 300 i

In order to prevent this we have to ensure that your router only advertises prefixes from its own autonomous system.

One of the method to solve this problem is using Filter-list with AS-PATH access-list:

R1(config)# ip as-path access-list 1 permit ^$ R1(config-router)#neighbor 192.168.12.2 filter-list 1 out R1(config-router)#neighbor 192.168.23.3 filter-list 1 out

It ensures that we will only advertise prefixes from our own AS. The ^$ regular expression ensures that we will only advertise locally originated prefixes. We should apply this filter to both ISPs.