HP VPN Firewall Appliances Network Management Configuration Guide
522
Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 9.1.1.0/24 200.1.3.1 0 0 20 10i
Router A has learned the route to the destination 9.1.1.0/24 from Router B.
3. Configure BGP COMMUNITY attribute:
# Configure a routing policy.
[Firewall] route-policy comm_policy permit node 0
[Firewall-route-policy] apply community no-export
[Firewall-route-policy] quit
# Apply the routing policy.
[Firewall] bgp 10
[Firewall-bgp] peer 200.1.2.2 route-policy comm_policy export
[Firewall-bgp] peer 200.1.2.2 advertise-community
# Display BGP routing table information on Router B.
[RouterB] display bgp routing-table 9.1.1.0
BGP local router ID : 2.2.2.2
Local AS number : 20
Paths: 1 available, 1 best
BGP routing table entry information of 9.1.1.0/24:
From : 200.1.2.1 (1.1.1.1)
Original nexthop: 200.1.2.1
Community : No-Export
AS-path : 10
Origin : igp
Attribute value : MED 0, pref-val 0, pre 255
State : valid, external, best,
Not advertised to any peers yet
You can find the NO_EXPORT community attribute in the output. In this case, the route of
9.1.1.0/24 is not available in the routing table of Router A.
BGP route reflector configuration example
Network requirements
As shown in Figure 302, all routers run BGP.
• EBGP runs between Router A and Router B. IBGP runs between Firewall and Router B, and between
Firewall and Router C.
• Firewall is a route reflector with clients Router B and Router C.
• Router C can learn route 1.0.0.0/8 from Firewall.