Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

Question about AS Path Access Lists

If I have the following AS Path access list:

ip as-path access-list 100 permit ^1234_[0-9]*$

Will this match all AS's with a path through AS 1234, or just AS's adjacent to AS 1234?

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Question about AS Path Access Lists

HI Johnny, [Pls Rate if HELPS]

ip as-path access-list 100 permit ^1234_[0-9]*$

The above As-Path List will match the AS's only adjacent to AS1234.

To match more AS's with a path through AS 1234 means, Configure as below:

ip as-path access-list 100 permit ^1234_[0-9]*_[0-9]*_[0-9]*$

Hope i am Informative.

Pls Rate if HELPS

Best Regards,

Guru Prasad R

7 REPLIES

Re: Question about AS Path Access Lists

Hi,

This means to match any network originated from AS1234 and directly attached to AS1234.

Regards,

Dandy

Bronze

Re: Question about AS Path Access Lists

Hmmm...so how would I match only the AS's adjacent to AS 1234?

Re: Question about AS Path Access Lists

HI Johnny, [Pls Rate if HELPS]

ip as-path access-list 100 permit ^1234_[0-9]*$

The above As-Path List will match the AS's only adjacent to AS1234.

To match more AS's with a path through AS 1234 means, Configure as below:

ip as-path access-list 100 permit ^1234_[0-9]*_[0-9]*_[0-9]*$

Hope i am Informative.

Pls Rate if HELPS

Best Regards,

Guru Prasad R

Hall of Fame Super Silver

Re: Question about AS Path Access Lists

John

I think we should be clear about Dandy's answer and what he meant about originate. If he meant originate in terms of this is the neighbor that passed the update to you then his explanation is correct that the regular expression would identify your neighbor AS and ASes directly connected to that AS. If he meant originate in the sense of the AS where the prefix is actually located then he got it backward. To identify the AS where the prefix is actually located the1234 would be next to the $ and not next to the ^.

HTH

Rick

Bronze

Re: Question about AS Path Access Lists

I just tried this out in a lab, and you are correct.

Cisco Employee

Re: Question about AS Path Access Lists

Hi,

To match all prefixes received through AS 1234 irrespective of originating AS and path length use

ip as-path access-list 101 permit ^1234_

As already mentioned by the other posts the given AS Path ACL will match pathes received through 1234 and with a total path length of two ASes.

As a short reminder, an AS Path ACL with regular expressions treats the AS path as a text string with:

^ denotes begin of string

$ denotes end of string

_ denotes a delimiter like a space

* denotes one or more

Hope this helps! Please use the rating system.

Regards, Martin

Bronze

Re: Question about AS Path Access Lists

You are absolutely correct

176
Views
15
Helpful
7
Replies