From: Rick Burts (burts@xxxxxxxxxxxxxx)
Date: Sun Jun 18 2000 - 10:00:57 GMT-3
Joshua
While the two forms of the expression look similar they do quite
different things. ^600$ identifies a path which begins and ends with
600 (there is only one entry in the as-path, so it means that the route
originates in 600 and was advertised directly to you). Since
you are applying the filter to a neighbor in AS500, no routes are matched
(because the as path would be 500 600). The expression _600$ identifies
routes which originate in 600 and may have othe ASs in the path, so it
would matc 500 600).
Rick
On Tue, 13 Jun 2000, Joshua W. Watkins wrote:
>
> When using the following config for an as-path filter to filter all
> routes originating from AS600 to remote AS 500, BGP ends up denying
> everyting.
>
> router bgp 100
> no synchronization
> bgp confederation identifier 666
> neighbor 172.16.4.5 remote-as 500
> neighbor 172.16.4.5 filter-list 1 out
> neighbor 172.16.10.1 remote-as 100
> neighbor 172.16.10.1 next-hop-self
> !
> ip classless
> ip as-path access-list 1 deny ^600$
> ip as-path access-list 1 permit .*
>
> I then change the ip as-path access-list to deny _600$ instead of deny
> ^600$ and BGP filters all routes originating from AS 600 and allows
> everything else. Can someone explain why _600$ works and ^600$ does
> not?
>
> Thanks.
>
> Joshua W. Watkins
> Systems Engineer
> Mountain States Networking
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:23:43 GMT-3