Home
 
 
General
 
Cisco basics
 
Switching
 
Network management
 
HSRP
 
SSH
 
IPsec
 
Routing protocols
BGP prepending
BGP Private AS numbers
Use of private AS number in BGP
Redistribute default routes in BGP
BGP bidirectional forwarding detection
Inject default route OSPF
Multicast addresses OSPF
Configuring RIP v2
OSPF domain-id
BGP ORF
 
Address translation
 
Unified communication
 
Quality of service
 
Wireless
 
CCIE
 
Cisco NX-OS / Nexus
 
ASA / PIX Security Appliances
 

What is BGP outbound route filtering (BGP ORF)

Understanding BGP ORF
Outbound Route Filtering Capability for BGP-4 is prefix filtering that can occur between a customer edge (CE) router and a provider edge (PE) router that are exchanging IPv4 unicast BGP prefixes. With BGP ORF the downstream CE router dynamically tells the upstream PE router what routes to filter outbound. This means that the downstream CE router will only receive update messages about the prefixes that it wants. The big advantage of using BGP ORF is that the CE router not has to process al all routes that should be filtered out.


Configuring BGP ORF:
In the example bellow only the default route will received by the CE router. The filtering is done by BGP ORF on the PE router.
Example configuration BGP ORF:

PE router:
router bgp 100
neighbor 10.0.0.2 remote-as 200
!
address-family ipv4
neighbor 10.0.0.2 capability orf prefix-list receive
exit-address-family

PE router:
router bgp 200
neighbor 10.0.0.1 remote-as 100
!
address-family ipv4
neighbor 10.0.0.1 capability orf prefix-list send
neighbor 10.0.0.1 prefix-list AS_100_INBOUND in
exit-address-family
!
ip prefix-list INBOUND seq 10 permit 0.0.0.0/0

Vulnerability Announcements
Multiple Vulnerabilities in Cisco Unified IP Phones 7900 Series

Default Credentials Vulnerability in Cisco Network Registrar

Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities

Cisco Content Services Gateway Denial of Service Vulnerability

Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client

Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities

Cisco ASR 9000 Series Routers Line Card IP Version 4 Denial of Service Vulnerability

Field Notices
(Cisco CRS Series Routers) Field Notice: FN - 63126 - CRS: 1OC768-ITU/C cards may experience High Bit Error Rate (BER) or loss of Transmit power incidents in certain batch of optical module - Workaround Fix on Failure

(Cisco CRS Series Routers) Field Notice: FN - 63046 - CRS - 1OC768-POS-SR cards May Experience Bit Error Rate (BER) Incidents Due to Onboard Short - Fix on Failure

(Cisco MGX 8800 Series Switches) Field Notice: FN - 63319 - MGX - VXSM-SW May Report Error Code 400 for CAS Signaling Call - Workaround Available

(Cisco 7800 Series Media Convergence Servers) Field Notice: FN - 63324 - A Limited Number of HP DL380-G6 Servers Shipped Prior to November 16, 2009 May Unexpectedly Reboot

(Cisco 800 Series Routers) Field Notice: FN - 63343 - PCEX-3G-HSPA-R6 Modem not Recognized in Cisco IOS 15.1(1)T of Cisco 880G Series Router - Cisco IOS Upgrade Required

(Cisco MDS 9500 Series Multilayer Directors) Field Notice: FN - 63132 - MDS9000 - Potential DIMM Memory Issue in a Small Number of DS-X9530-SF2-K9 Supervisor Cards Manufactured Between September 2007 and February 2008