RE: BGP as-path filter

From: Donny MATEO (donny.mateo@sg.ca-indosuez.com)
Date: Thu Oct 24 2002 - 22:47:31 GMT-3

• Next message: ying c: "Re: FRTS"
• Previous message: support@mastersystem.co.id: "Test only"
• Maybe in reply to: ccna instructor: "BGP as-path filter"
• Next in thread: Jason Sinclair: "RE: BGP as-path filter"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Jason,

woudn't your solutions works only under the condition those AS are directly connected.
If those AS(s) are behind another AS the AS-path would look something like xxx yyy 123 and your
solutions won't work. If the statement is to filter as-path originated from certain AS, I would go
with _123$ rather than an exact match ^123$ to cover that posibility.
Do correct me if I'm wrong.

Donny

                                                                                                                                       
                      Jason Sinclair
                      <sinclairj@powert To: "'Hamele Kassa'" <hkassa@attrmc.net>, ccna instructor <ccna20877@yahoo.com>,
                      el.com.au> ccielab@groupstudy.com
                      Sent by: cc:
                      nobody@groupstudy Subject: RE: BGP as-path filter
                      .com
                                                                                                                                       
                                                                                                                                       
                      25-10-2002 09:04
                      Please respond to
                      Jason Sinclair
                                                                                                                                       
                                                                                                                                       

The reason I used the anchors ^ and $ was that the question stated "to allow
routes originated from the following ASNs....". This is an important part of
the lab exam - understanding the question. In this case it was explicitly
stated "originated from", hence the correct answer would have to be:

Ip as-path access-list 1 permit ^123$
Ip as-path access-list 1 permit ^234$
Ip as-path access-list 1 permit ^345$
Ip as-path access-list 1 permit ^567$
Ip as-path access-list 1 permit ^678$
Ip as-path access-list 1 permit ^990$
Ip as-path access-list 1 permit ^2345$
Ip as-path access-list 1 deny .*

That said, there may be a case where the paths are prepended with the same
AS, in which cas you would have to allow multiple occurrences of the same
AS.

Cheers,

Jason Sinclair CCIE #9100
Manager, Network Control Centre
POWERTEL
55 Clarence Street,
SYDNEY NSW 2000
AUSTRALIA
office: + 61 2 8264 3820
mobile: + 61 416 105 858
email: sinclairj@powertel.com.au

 -----Original Message-----
From: Hamele Kassa [mailto:hkassa@attrmc.net]
Sent: Friday, 25 October 2002 09:37
To: ccna instructor; ccielab@groupstudy.com
Subject: Re: BGP as-path filter

Try this if all the originating AS's is the BGP neighbor router

Ip as-path access-list 1 permit ^123$
Ip as-path access-list 1 permit ^234$
Ip as-path access-list 1 permit ^345$
Ip as-path access-list 1 permit ^567$
Ip as-path access-list 1 permit ^678$
Ip as-path access-list 1 permit ^990$
Ip as-path access-list 1 permit ^2345$
Ip as-path access-list 1 deny .*

or if not

Ip as-path access-list 1 permit _123$
Ip as-path access-list 1 permit _234$
Ip as-path access-list 1 permit _345$
Ip as-path access-list 1 permit _567$
Ip as-path access-list 1 permit _678$
Ip as-path access-list 1 permit _990$
Ip as-path access-list 1 permit _2345$
Ip as-path access-list 1 deny .*

----- Original Message -----
From: "ccna instructor" <ccna20877@yahoo.com>
To: <ccielab@groupstudy.com>
Cc: <sadiq.sadiq@intelsat.com>
Sent: Wednesday, October 23, 2002 11:11 PM
Subject: BGP as-path filter

> Need a AS-Path filter that is going to allow routes originated from
> following ASNs
> 123, 234, 345, 567, 678, 990, 2345
>
> Any help appreciated
> regards
> sadiq
>
>
>
>
> ---------------------------------
> Do you Yahoo!?
> Y! Web Hosting - Let the expert host your web site

**********************************************************************
PowerTel Limited, winners of
Best Corporate/Wholesale Broadband Initiative, Australian Telecom Awards 2002
Broadband Wholesale Carrier of the year, CommsWorld Telecomms Awards 2001
Best Emerging Telco, Australian Telecom Awards 2001

**********************************************************************
This email (including all attachments) is intended solely for the named
addressee. It is confidential and may contain commercially sensitive
information. If you receive it in error, please let us know by reply email,
delete it from your system and destroy any copies.

This email is also subject to copyright. No part of it should be reproduced,
adapted or transmitted without the prior written consent of the copyright owner.

Emails may be interfered with, may contain computer viruses or other defects
and may not be successfully replicated on other systems. We give no
warranties in relation to these matters. If you have any doubts about
the authenticity of an email purportedly sent by us, please contact us
immediately.

**********************************************************************

• Next message: ying c: "Re: FRTS"
• Previous message: support@mastersystem.co.id: "Test only"
• Maybe in reply to: ccna instructor: "BGP as-path filter"
• Next in thread: Jason Sinclair: "RE: BGP as-path filter"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Nov 05 2002 - 08:35:56 GMT-3