MPLS LDP inbound label filtering can be used to reduce the size of the LIB by filtering label bindings that are advertised by other routers. This can save memory needed on a router to participate in the MPLS domain.

In this scenario, I want to filter all the bindings from P2 except for the loopback of PE_EAST, which is 200.200.200.200. The reason I choose only to permit the loopback of PE_EAST is this label will be the only one needed when I set up my iBGP peering for MP-BGP, when I get to the VRFs.

This is the topology used.
Checking the current LIB

PE_WEST#show mpls ldp bindings neighbor 2.2.2.2
lib entry: 1.1.1.1/32, rev 30
remote binding: lsr: 2.2.2.2:0, label: 16
lib entry: 2.2.2.2/32, rev 4
remote binding: lsr: 2.2.2.2:0, label: imp-null
lib entry: 3.3.3.3/32, rev 6
remote binding: lsr: 2.2.2.2:0, label: 17
lib entry: 4.4.4.4/32, rev 8
remote binding: lsr: 2.2.2.2:0, label: 18
lib entry: 10.10.11.0/24, rev 10
remote binding: lsr: 2.2.2.2:0, label: 19
lib entry: 10.12.12.0/24, rev 12
remote binding: lsr: 2.2.2.2:0, label: imp-null
lib entry: 10.13.13.0/24, rev 14
remote binding: lsr: 2.2.2.2:0, label: 20
lib entry: 10.20.22.0/24, rev 16
remote binding: lsr: 2.2.2.2:0, label: imp-null
lib entry: 10.24.24.0/24, rev 18
remote binding: lsr: 2.2.2.2:0, label: imp-null
lib entry: 10.30.33.0/24, rev 20
remote binding: lsr: 2.2.2.2:0, label: 21
lib entry: 10.34.34.0/24, rev 22
remote binding: lsr: 2.2.2.2:0, label: 22
lib entry: 10.40.44.0/24, rev 24
remote binding: lsr: 2.2.2.2:0, label: 23
lib entry: 100.100.100.100/32, rev 26
remote binding: lsr: 2.2.2.2:0, label: 24
lib entry: 200.200.200.200/32, rev 28
remote binding: lsr: 2.2.2.2:0, label: 25

I need to create an ACL to match the label bindings permitted into the LIB. When creating the ACL, be sure to note that inbound label filtering only supports standard ACLs, not extended ACLs.

PE_WEST(config)#access-list 1 permit 200.200.200.200

Now, apply the ACL to the label via the mpls ldp neighbor command.

PE_WEST(config)#mpls ldp neighbor 2.2.2.2 labels accept 1

Verify that LDP is filtering inbound for that LDP neighbor.

PE_WEST#show mpls ldp neighbor 2.2.2.2 detail
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 100.100.100.100:0
TCP connection: 2.2.2.2.646 - 100.100.100.100.11033
State: Oper; Msgs sent/rcvd: 2921/2918; Downstream; Last TIB rev sent 30
Up time: 1d18h; UID: 8; Peer Id 0;
LDP discovery sources:
FastEthernet2/1; Src IP addr: 10.20.22.2
holdtime: 15000 ms, hello interval: 5000 ms
Addresses bound to peer LDP Ident:
10.20.22.2      10.24.24.2      10.12.12.2      2.2.2.2
Peer holdtime: 180000 ms; KA interval: 60000 ms; Peer state: estab
LDP inbound filtering accept acl: 1

Finally, check the current LIB from P2.

PE_WEST#show mpls ldp bindings neighbor 2.2.2.2
lib entry: 200.200.200.200/32, rev 28
remote binding: lsr: 2.2.2.2:0, label: 25
PE_WEST#

Great! Exactly what expect. The only LIB entry from 2.2.2.2 is the label for 200.200.200.200/32.