I haven't tested this, but

Andrew WEISS · ‎10-29-2014

Hi all,

I'm trying to create an IOS as-path filter that is asdot+ compatible and that only allows a maximum of 3 as-paths, without taking into considerations any prepends that may appear in the as-path.

The following example illustrates what I'm after (3 x AS-PATH: AS777, AS3.157 and AS75):

777 3.157 3.157 3.157 3.157 3.157 3.157 3.157 3.157 3.157 75

The following as-path filter will work --

ip as-path access-list 200 permit ^(777_)+([0-9]+)|([0-9]+\.[0-9]+)*$

however it will also accept any ASes that are possibly behind AS75, AS76 for example:

777 3.157 3.157 3.157 3.157 3.157 3.157 3.157 3.157 3.157 75 76

What I'm looking for is therefore a way of

1. providing support for asdot+ in an IOS as-path filter

2. allowing a maximum of 3 AS-PATHS into my AS from a NAP

3. Ignore prepends and only count them as a single AS.

In IOS-XR/Juniper terms, I'm trying to replicate the as-path unique-length ge 3 in an IOS as-path.

Doing this in an peer specific inbound route-map is probably easier if your IOS version supports the unique-length option, however this is a valid solution only when you have a few, but not when you have several hundred.

Can anyone think of a way of doing this?

Kind regards,

Andrew

John Blakley · ‎10-29-2014

I haven't tested this, but have you tried removing the * at the end an specify 75 instead?

From:

ip as-path access-list 200 permit ^(777_)+([0-9]+)|([0-9]+\.[0-9]+)*$

To:

ip as-path access-list 200 permit ^(777_)+([0-9]+)|([0-9]+\.[0-9]+)_75$

HTH,

John

HTH, John *** Please rate all useful posts ***

Andrew WEISS · ‎10-29-2014

Hi John,

Thanks for your response. AS75 was a hypothetical AS. In all honestly, I'm not at all sure of the ASes that I'll receive from any given peer.

KR,

Andrew

BGP AS-PATH REGULAR EXPRESSION ASSISTANCE