Filtering anything more specific than /24
Today I learned that not all ISPs filter their announcements to include only routes up to /24. I found this out the hard way when an issue with the number of routes on a Brocade MLX caused me to further analyze the routes we were receiving from both transit providers and peering points. From some peering points, we were receiving prefixes as specific as /27. This caused me to go in and do some manual configuration, which I guess would have been needed anyway. So here is what I did to correct the issue. For most providers or peering points, we use a named route-map. In the case of, say, Global Crossing, we would have GBLX-IN, which would look something like this:
route-map GBLX-IN permit 20
 set metric 50
 set local-preference 50
 set community 65501:1000 additive
Of course, the problem with this is that we are working on the assumption that GBLX is filtering their routes to not include anything more specific than a /24. While this may be the case, do you want to rely on them never forgetting? This was the lesson I learned today. To correct this, I added a prefix-list that matches on prefix length and referenced it in my route-map, so that nothing longer than /24 is accepted.
ip prefix-list max24 permit 0.0.0.0/0 ge 8 le 24
!
route-map GBLX-IN permit 20
 match ip address prefix-list max24
 set metric 50
 set local-preference 45
 set community 65501:1000 additive
The prefix-list matches any prefix with a mask length of at least /8 and at most /24, so we accept anything between those two. The 0.0.0.0/0 means it will match any prefix; we only care about the mask length. Another important note: because the prefix-list statement is a permit, the match also needs to sit on a permit line within our route-map. A route that does not match falls through to any later route-map entries and, if none permits it, is dropped by the route-map's implicit deny.
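To check what the max24 entry will and will not accept before applying it, here is an added example (not part of the original configuration) that models the ge/le matching in Python and runs it over a constructed list of received routes. The function names and the sample routes are assumptions made for illustration.

```python
import ipaddress
import re

# Parses the prefix-list syntax shown above:
#   ip prefix-list NAME permit|deny A.B.C.D/L [ge N] [le M]
ENTRY_RE = re.compile(
    r"ip prefix-list (\S+) (permit|deny) (\S+)(?: ge (\d+))?(?: le (\d+))?$"
)

def parse_entry(line):
    m = ENTRY_RE.match(line.strip())
    if not m:
        raise ValueError(f"not a prefix-list entry: {line!r}")
    name, action, net, ge, le = m.groups()
    net = ipaddress.ip_network(net)
    if ge is None and le is None:
        lo = hi = net.prefixlen          # no ge/le: exact length only
    else:
        lo = int(ge) if ge else net.prefixlen
        hi = int(le) if le else 32       # ge without le runs to /32
    return name, action, net, lo, hi

def evaluate(entries, route):
    """First matching entry wins; no match at all is the implicit deny."""
    route = ipaddress.ip_network(route)
    for _name, action, net, lo, hi in entries:
        if route.subnet_of(net) and lo <= route.prefixlen <= hi:
            return action
    return "deny"

def audit(config_lines, received):
    entries = [parse_entry(line) for line in config_lines]
    return {r: evaluate(entries, r) for r in received}

MAX24 = ["ip prefix-list max24 permit 0.0.0.0/0 ge 8 le 24"]

# Constructed sample routes (documentation and private ranges), not real data.
RECEIVED = [
    "10.0.0.0/8", "198.51.100.0/24", "203.0.113.0/25",
    "192.0.2.32/27", "64.0.0.0/6", "0.0.0.0/0",
]

if __name__ == "__main__":
    for route, verdict in audit(MAX24, RECEIVED).items():
        print(f"{route:18} {verdict}")
```

Because of the ge 8, this filter also rejects a default route and anything shorter than /8, which matters if the neighbor is expected to send you a default.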