Overview
This section shows examples of BGP filters that you need to apply to peer with Google. Although Google filters your BGP announcements and what we announce to you, you must also configure yours as a safety mechanism to avoid routing issues.
Example Simple Network
The ISP peering with Google uses AS64496 and originates 192.0.2.0/24. As Google advertisements can change without notice, avoid using static filters. Instead, use IRR records to generate and maintain your filters.
Cisco Config Example
router bgp 64496
neighbor 198.51.100.1 remote-as 15169
neighbor 198.51.100.1 prefix-list PEER-OUT out
!
ip prefix-list PEER-OUT permit 192.0.2.0/24
Juniper Example
policy-options {
replace:
community AS65535.INVALID-EXTERNAL members 1:1;
replace:
prefix-list AS65535-V4 {
169.254.0.0/20;
192.168.2.0/24;
}
replace:
prefix-list AS65535-V6 {
2001:db8::/32;
2001:db8:48::/48;
}
replace:
policy-statement AS65535 {
term PERMIT-ROUTES-V4 {
from {
prefix-list-filter AS65535-V4 orlonger;
}
then {
next policy;
}
}
term PERMIT-ROUTES-V6 {
from {
prefix-list-filter AS65535-V6 orlonger;
}
then {
next policy;
}
}
term UNMATCHED-ROUTE {
then {
community add AS65535.INVALID-EXTERNAL;
next policy;
}
}
}
}
protocols {
bgp {
neighbor 172.20.100.1 {
Description “Example Neighbor”;
peer-as 65534;
import [ AS65535 SetMeds Donuts ]
export [ export-the-world ];
}
}
}
Example using IRR to generate filters
To create filters using IRR data you can use the bgp filtering automation tool bgpq3 available at GitHub. Refer to the tool webpage for documentation and examples on how to use it.
See the Filtering guide at the Mutually Agreed Norms for Routing Security (MANRS) website for more information and examples.