Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

BGP Regular Expression AS Path Filter

Please confirm the followings regular expression:

ip as-path access-list 10 permit ^100_200$

Only allow networks originated from AS 100, and AS 200 directly attached to AS100.

ip as-path access-list 10 permit ^100_200_300$

Only allow networks originated from AS 100, and AS 200, AS300 directly attached to AS100

Thanks,

Andrew Tran

3 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

BGP Regular Expression AS Path Filter

ip as-path access-list 10 permit ^100_200$

Only allow networks originated from AS 100, and AS 200 directly attached to AS100.

not really; this allows prefixes ORIGINATED in AS 200 and LEARNED from AS 100. AS 100 and 200 are indeed directly attached.

ip as-path access-list 10 permit ^100_200_300$

Only allow networks originated from AS 100, and AS 200, AS300 directly attached to AS100

allows prefixes ORIGINATED in AS 300 and LEARNED from AS 100. AS 300 is attached to AS 200 which is attached to AS 100.

regards,

Riccardo

Cisco Employee

BGP Regular Expression AS Path Filter

Andrew,

ip as-path access-list 10 permit ^100$

ip as-path access-list 10 permit ^200$

The above as-path allows prefixes ORIGINATED in AS 100 and AS 200. Please confirm.

not exactly; those as-path acl's will allow prefixes ORIGINATED and LEARNED from AS 100 and AS 200 respectively, meaning that AS 100 and AS 200 are directly connected to your router. So if those as-path are attached to a route-map of a bgp neighborship one of them will not make too much sense as you will be peering either with as 100 or with as 200, not with the 2 AS's at the same time.

If yoi want to allow prefixes ORIGINATED from a given AS without caring of how many transit AS there are between you and the originating AS you need the following:

ip as-path access-list 10 permit _100$

The _ character will match any alpha-numeric string before 100.

Please rate and close the quesion if helpful

Riccardo

Cisco Employee

BGP Regular Expression AS Path Filter

Andrew,

that should allow prefixes originated in any AS which are learned from (directly connected to) AS 100 and prefixes originated in AS 100. You need to test it out on a real router anyway as I think that you could also use for the goal above the following 

^100_[0-9]*_$

Please rate and close the question when done. I COUNT ON IT

Riccardo

5 REPLIES
Cisco Employee

BGP Regular Expression AS Path Filter

ip as-path access-list 10 permit ^100_200$

Only allow networks originated from AS 100, and AS 200 directly attached to AS100.

not really; this allows prefixes ORIGINATED in AS 200 and LEARNED from AS 100. AS 100 and 200 are indeed directly attached.

ip as-path access-list 10 permit ^100_200_300$

Only allow networks originated from AS 100, and AS 200, AS300 directly attached to AS100

allows prefixes ORIGINATED in AS 300 and LEARNED from AS 100. AS 300 is attached to AS 200 which is attached to AS 100.

regards,

Riccardo

New Member

BGP Regular Expression AS Path Filter

To reduce the BGP route table due to cpu/memory resources, I'd like to allow prefixes ORIGINATED in specific ASNs

ip as-path access-list 10 permit ^100$

ip as-path access-list 10 permit ^200$

The above as-path allows prefixes ORIGINATED in AS 100 and AS 200. Please confirm.

Thanks,

Andrew Tran

Cisco Employee

BGP Regular Expression AS Path Filter

Andrew,

ip as-path access-list 10 permit ^100$

ip as-path access-list 10 permit ^200$

The above as-path allows prefixes ORIGINATED in AS 100 and AS 200. Please confirm.

not exactly; those as-path acl's will allow prefixes ORIGINATED and LEARNED from AS 100 and AS 200 respectively, meaning that AS 100 and AS 200 are directly connected to your router. So if those as-path are attached to a route-map of a bgp neighborship one of them will not make too much sense as you will be peering either with as 100 or with as 200, not with the 2 AS's at the same time.

If yoi want to allow prefixes ORIGINATED from a given AS without caring of how many transit AS there are between you and the originating AS you need the following:

ip as-path access-list 10 permit _100$

The _ character will match any alpha-numeric string before 100.

Please rate and close the quesion if helpful

Riccardo

New Member

BGP Regular Expression AS Path Filter

Riccardo,

Very good info I am much appreciated. One last question about this regular expression.

ip as-path access-list 10 permit ^100_[0-9]*$

Please interpret it if you may.

Thanks,

Andrew Tran

Cisco Employee

BGP Regular Expression AS Path Filter

Andrew,

that should allow prefixes originated in any AS which are learned from (directly connected to) AS 100 and prefixes originated in AS 100. You need to test it out on a real router anyway as I think that you could also use for the goal above the following 

^100_[0-9]*_$

Please rate and close the question when done. I COUNT ON IT

Riccardo

17173
Views
10
Helpful
5
Replies