Yesterday I learned about a really interesting BGP feature that I’d never heard of. It’s called ORF (Outbound Route Filtering). With traditional filtering we have two options: filter updates in (coming from your neighbor) or out (going to your neighbor). This method works well, but there is overhead on both sides: one neighbor sends all the updates and the other neighbor filters some or most of them. ORF is a better way of accomplishing this. Here’s the topology:

ORF Topology

The goal of ORF is to let neighbors tell each other which prefixes they want BEFORE they are sent. This saves bandwidth and processing. For instance, R1 can tell R2 that it only cares about the 24.95.102.0/24 and 128.27.45.0/24 networks, so R2 doesn’t bother sending the 72.89.30.0/24 network at all.

Let’s get to the config:

R1

hostname R1
!
interface Loopback1
 ip address 41.58.12.1 255.255.255.0
!
interface Serial0/0
 ip address 10.1.1.1 255.255.255.252
!
router bgp 6505
 no synchronization
 bgp log-neighbor-changes
 network 41.58.12.0 mask 255.255.255.0
 neighbor 10.1.1.2 remote-as 5680
 no auto-summary

R2

hostname R2
!
interface Loopback1
 ip address 72.89.30.1 255.255.255.0
!
interface Loopback2
 ip address 24.95.102.1 255.255.255.0
!
interface Loopback3
 ip address 128.27.45.1 255.255.255.0
!
interface Serial0/0
 ip address 10.1.1.2 255.255.255.252
!
router bgp 5680
 no synchronization
 bgp log-neighbor-changes
 network 24.95.102.0 mask 255.255.255.0
 network 72.89.30.0 mask 255.255.255.0
 network 128.27.45.0 mask 255.255.255.0
 neighbor 10.1.1.1 remote-as 6505
 no auto-summary

We have a standard interface and BGP config. As expected, we’re seeing all the prefixes from R2:

R1#sh ip bgp
BGP table version is 24, local router ID is 41.58.12.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
 
   Network          Next Hop            Metric LocPrf Weight Path
*> 24.95.102.0/24   10.1.1.2                 0             0 5680 i
*> 41.58.12.0/24    0.0.0.0                  0         32768 i
*> 72.89.30.0/24    10.1.1.2                 0             0 5680 i
*> 128.27.45.0/24   10.1.1.2                 0             0 5680 i

Now we’ll add the ORF configuration:

R1

R1(config)#ip prefix-list R2_ORF seq 1 permit 24.95.102.0/24
R1(config)#ip prefix-list R2_ORF seq 2 permit 128.27.45.0/24
R1(config)#router bgp 6505
R1(config-router)#neighbor 10.1.1.2 capability orf prefix-list both
R1(config-router)#neighbor 10.1.1.2 prefix-list R2_ORF in
*Mar  1 00:54:31.579: %BGP-5-ADJCHANGE: neighbor 10.1.1.2 Down Capability changed
*Mar  1 00:54:32.815: %BGP-5-ADJCHANGE: neighbor 10.1.1.2 Up

R2

R2(config)#router bgp 5680
R2(config-router)#neigh 10.1.1.1 capability orf prefix-list both
*Mar  1 00:54:59.735: %BGP-5-ADJCHANGE: neighbor 10.1.1.1 Down Capability changed
*Mar  1 00:55:01.843: %BGP-5-ADJCHANGE: neighbor 10.1.1.1 Up

First we make the prefix list permitting the routes we want to see. Next we tell BGP to use ORF with our neighbor (this is done on both neighbors). Finally we apply our prefix list IN. Keep in mind that adding the ORF capability to the neighbor resets the BGP relationship (see the ADJCHANGE messages above), so this isn’t something we want to do on a whim.

Now let’s take another look at R1’s BGP table:

R1#sh ip bgp
BGP table version is 32, local router ID is 41.58.12.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
 
   Network          Next Hop            Metric LocPrf Weight Path
*> 24.95.102.0/24   10.1.1.2                 0             0 5680 i
*> 41.58.12.0/24    0.0.0.0                  0         32768 i
*> 128.27.45.0/24   10.1.1.2                 0             0 5680 i

Here we see that it worked: R1 is no longer receiving the 72.89.30.0/24 prefix. We can also look at it on R2:

R2#sh ip bgp neigh 10.1.1.1 received prefix-filter
Address family: IPv4 Unicast
ip prefix-list 10.1.1.1: 2 entries
   seq 1 permit 24.95.102.0/24
   seq 2 permit 128.27.45.0/24

R2 sees the prefix list we configured on R1 and only sends those routes.
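
One way to check that the filter R2 reports receiving matches what R1 configured, and to see which of R2's networks it lets through (an added example, not from the original post). The function names are hypothetical, the sample text is copied from the outputs above, and the matcher also handles the ge/le length bounds that this post's prefix list doesn't use.

```python
import ipaddress
import re

# Sample text copied from the post: R1's prefix-list commands, R2's
# "received prefix-filter" output, and the networks R2 originates.
R1_CONFIG = """\
ip prefix-list R2_ORF seq 1 permit 24.95.102.0/24
ip prefix-list R2_ORF seq 2 permit 128.27.45.0/24
"""
R2_RECEIVED = """\
Address family: IPv4 Unicast
ip prefix-list 10.1.1.1: 2 entries
   seq 1 permit 24.95.102.0/24
   seq 2 permit 128.27.45.0/24
"""
R2_NETWORKS = ["24.95.102.0/24", "72.89.30.0/24", "128.27.45.0/24"]

ENTRY = re.compile(r"seq (\d+) (permit|deny) (\S+)(?: ge (\d+))?(?: le (\d+))?")

def parse_entries(text):
    """Return entries as (seq, action, network, ge, le), ordered by seq."""
    entries = []
    for seq, action, prefix, ge, le in ENTRY.findall(text):
        entries.append((int(seq), action, ipaddress.ip_network(prefix),
                        int(ge) if ge else None, int(le) if le else None))
    return sorted(entries, key=lambda e: e[0])

def permitted(entries, prefix):
    """First matching entry wins; no match is the implicit deny."""
    route = ipaddress.ip_network(prefix)
    for _seq, action, net, ge, le in entries:
        lo = ge or net.prefixlen  # no ge: start at the entry's own length
        hi = le or (net.max_prefixlen if ge else net.prefixlen)  # neither: exact
        if (route.version == net.version and lo <= route.prefixlen <= hi
                and route.subnet_of(net)):
            return action == "permit"
    return False

def audit(config, received, advertised):
    """Compare the local filter with the one the peer reports receiving."""
    local, remote = parse_entries(config), parse_entries(received)
    return {
        "in_sync": local == remote,
        "sent": [p for p in advertised if permitted(remote, p)],
        "suppressed": [p for p in advertised if not permitted(remote, p)],
    }

if __name__ == "__main__":
    print(audit(R1_CONFIG, R2_RECEIVED, R2_NETWORKS))
```

An "in_sync" value of False means the peer is filtering on a different list than the one in the local config, which is worth checking after any prefix-list change.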

That’s all for this one. ORF is a very cool technology that a lot of people don’t even know about. Here is the .net file:

The Dynagen/GNS3 .net file
(you will need to change the paths to make it work)

Colby

Colby Glass has been in IT since 2002. He is currently a Systems Engineer (presales) with a Cisco Gold partner and holds the CCNP R/S, CCNP DC, CCDP, CCIP, JNCIA-ER.
