Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

BGP Filter Question

Hi All, I'm new to BGP and I have a question regarding a config. in my internet router. we're running BGP via 2 ISPs but our hardware is just 2600 with 64MB memory.An access filter was implemented for this via the config below.

ip as-path access-list 86 permit ^$

ip as-path access-list 86 permit ^...$

ip as-path access-list 86 permit ^....$

ip as-path access-list 86 permit ^.....$

ip as-path access-list 86 permit ^......$

ip as-path access-list 86 permit ^.......$

ip as-path access-list 86 permit ^........$

ip as-path access-list 86 permit ^.........$

ip as-path access-list 86 permit ^..........$

ip as-path access-list 86 deny .*

router bgp xxxx

neighbor xxx.xxx.xxx.xxx filter-list 86 in

I have no clear idea unto what this filter does,

Can anybody explain this to me. Any input will be very much appreciated.

3 REPLIES
Bronze

Re: BGP Filter Question

Hi

This filter does not make sence for me.

The ^ matches the beginning of the input string. Then you got the dots (.) which matches any character including the space. The $ matches the end

of the input string.

So you filterlist will basically match all the AS's up to 10 charakters. So i do not see what you intend to filter with this list.

Here a link to reg ex. for bgp. Hopefully this will help you.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7e6.html

Regards

Roger

New Member

Re: BGP Filter Question

Looks to me like they are matching the number of Autonomous Sytem numbers in the AS_PATH attribute of incoming routes.

Example:

ip as-path access-list 86 permit ^...$

would match any route with 3 AS numbers in its AS_PATH attribute.

What you did not include is what action is taken on these matches. I would assume there is another configuration section that sets LOCAL_PREF or uses some other method to influence outbound traffic. For example, any route with 3 AS numbers in its path attribute prefer ISP1, 4 AS numbers prefer ISP2.

Perhaps something like this would make the intent of the access list more clear.

ip as-path access-list 86 permit ^[0-9]*$

ip as-path access-list 86 permit ^[0-9]* ^[0-9]*$

-Rob

Gold

Re: BGP Filter Question

I think it's just a malformed as path access list.... Each dot matches any single character, so it's not really an AS match, but rather a character match. So, if you have this:

permit ^...$

That means to match beginning of string, three characters, and then end of string. So, this would match ^100$, but not ^1000$, and not ^10$, so it would only match as' of three digits.

permit ^.....$

Would match ^10000$ or ^10 11$. I'm not certain why you'd want to match this way, the as path filter you've given above is much better, if you take the caret out of the middle:

permit ^[0-9]* [0-9]*$

Would match any as path of two AS', etc.

Russ.W

104
Views
0
Helpful
3
Replies
CreatePlease to create content