Configuring neighbor-based LDP outbound FEC filtering

MPLS and LDP protocol must be enabled on the router to use LDP outbound FEC filtering.

To enable neighbor-based LDP outbound FEC filtering, perform the following steps.
  1. In privileged EXEC mode, enter global configuration mode.
    device# configure terminal
  2. Configure the prefix list to be referenced by the LDP outbound FEC filter to deny an address.
    device(config)# ip prefix-list list-out deny 10.40.40.0/24
    In this example, the list-out prefix list prevents the 10.40.40.0/24 route address.
  3. Configure the prefix list to allow all other FECs.
    device(config)# ip prefix-list list-out permit permit 0.0.0.0/0 ge 32
    
    In this example, the list-out prefix list allows the default route address.
  4. Enable MPLS on the device.
    device(config)# router mpls
  5. Access LDP configuration mode.
    device(config-router-mpls)# ldp
  6. Configure the LDP outbound FEC filter for a specific neighbor.
    device(config-router-mpls-ldp)# session 10.12.12.12 filter-fec-out list-out

    In this example, LDP prevents advertisement of FEC 10.40.40.0/24 through the list-out prefix list and allows all others FECs to neighbor 10.12.12.12.

    Note

    Note

    When the prefix list referenced by the LDP outbound FEC filter is configured or changed, all the existing outbound FECs and received later are subject to the changed prefix list. There is a configurable delay between changing the prefix list and the changed prefix list taking effect on LDP FEC filter configuration.
  7. Verify the LDP FEC filter configuration.
    device(config-router-mpls-ldp)# do show running-config router mpls ldp
    router mpls
     ldp
      ....
      session 10.12.12.12 filter-fec-out list-out
      session 1.1.1.1
       filter-fec-out l2
       key $9$PVUIbBsn+r80zIlBCUpdHw==

    The show mpls ldp session detail command displays the number of FECs from the peer which are filtered due to the outbound FEC filter configuration.

Example

The following example shows the previous steps to configure the LDP outbound FEC filter.

device# configure terminal
device(config)# ip prefix-list list-out deny 10.40.40.0/24
device(config)# ip prefix-list list-out permit 0.0.0.0/0 ge 32
device(config)# router mpls
device(config-router-mpls)# ldp
device(config-router-mpls-ldp)# session 10.12.12.12 filter-fec-out list-out
device(config-router-mpls-ldp)# session 1.1.1.1 filter-fec-out l2 key $9$PVUIbBsn+r80zIlBCUpdHw==