BGP FRR Firebox 12.10.B685791
Hi Everyone,
Simple BGP Syntax Question:
Is it important to BGP configuration sysntax in top down configurations style of layout for this new version of firmware (for some vendors this is a requirement)?
Example of the above statement:
ip prefix-list allow_in seq 5 permit C.C.C.C/30
ip prefix-list allow_in seq 10 permit E.E.E.E/32
ip prefix-list allow_in seq 20 permit F.F.F.F/32
ip prefix-list allow_in seq 30 deny 0.0.0.0/0 le 32
ip prefix-list allow_out seq 5 permit B.B.B.B/24
ip prefix-list allow_out seq 30 deny 0.0.0.0/0 le 32
route-map rmap_in permit 10
match ip address prefix-list allow_in
route-map rmap_out permit 5
match ip address prefix-list allow_out
router bgp 500
no bgp ebgp-requires-policy
no bgp network import-check
bgp router-id A.A.A.Y
address-family ipv4 unicast
network A.A.A.A/30
network B.B.B.B/24
neighbor A.A.A.X remote-as 600
neighbor A.A.A.X weight 1000
neighbor A.A.A.X route-map rmap_in in
neighbor A.A.A.X route-map rmap_out out
neighbor A.A.A.X description ISP-01
neighbor A.A.A.X soft-reconfiguration inbound
My neigbor command "neighbor A.A.A.X route-map rmap_in in" is not being accepted in configuration hence this question. The command layout it had was:
router bgp 500
no bgp ebgp-requires-policy
no bgp network import-check
bgp router-id A.A.A.Y
address-family ipv4 unicast
network A.A.A.A/30
network B.B.B.B/24
neighbor A.A.A.X remote-as 600
neighbor A.A.A.X weight 1000
neighbor A.A.A.X route-map rmap_in in
neighbor A.A.A.X route-map rmap_out out
neighbor A.A.A.X description ISP-01
neighbor A.A.A.X soft-reconfiguration inbound
ip prefix-list allow_in seq 5 permit C.C.C.C/30
ip prefix-list allow_in seq 10 permit E.E.E.E/32
ip prefix-list allow_in seq 20 permit F.F.F.F/32
ip prefix-list allow_in seq 30 deny 0.0.0.0/0 le 32
ip prefix-list allow_out seq 5 permit B.B.B.B/24
ip prefix-list allow_out seq 30 deny 0.0.0.0/0 le 32
route-map rmap_in permit 10
match ip address prefix-list allow_in
route-map rmap_out permit 5
match ip address prefix-list allow_out
Comments
As long as your config has the relevant commands, it should be fine.
I would suggest using the config in the order that is provided in the documentation as that is the way it is tested. While we do test other combinations, it's not possible to test every single one that may arise.
-James Carson
WatchGuard Customer Support