Re: BGP as-path filter

From: Hamele Kassa (hkassa@attrmc.net)
Date: Fri Oct 25 2002 - 09:49:51 GMT-3

• Next message: Brian Dennis: "RE: access-list switching"
• Previous message: Ahmed Mamoor Amimi: "Reflexive access-list"
• Maybe in reply to: ccna instructor: "BGP as-path filter"
• Next in thread: Jason Sinclair: "RE: BGP as-path filter"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Jason,

My understanding is you use "^" if the originating AS directly connected AS
and use "_" if there could be other AS's in the path. Let's say the
originating AS is 777, then
^777$ means directly from 777 however

_777$ could be the following

777
100 777
200 100 777
200 300 400 777 etc meaning it originated from xxx but could also be other
AS in the path.

Am I missing the point.
Rgs,
HK
----- Original Message -----
From: "Jason Sinclair" <sinclairj@powertel.com.au>
To: "'Hamele Kassa'" <hkassa@attrmc.net>; "ccna instructor"
<ccna20877@yahoo.com>; <ccielab@groupstudy.com>
Sent: Thursday, October 24, 2002 9:04 PM
Subject: RE: BGP as-path filter

> The reason I used the anchors ^ and $ was that the question stated "to
allow
> routes originated from the following ASNs....". This is an important part
of
> the lab exam - understanding the question. In this case it was explicitly
> stated "originated from", hence the correct answer would have to be:
>
> Ip as-path access-list 1 permit ^123$
> Ip as-path access-list 1 permit ^234$
> Ip as-path access-list 1 permit ^345$
> Ip as-path access-list 1 permit ^567$
> Ip as-path access-list 1 permit ^678$
> Ip as-path access-list 1 permit ^990$
> Ip as-path access-list 1 permit ^2345$
> Ip as-path access-list 1 deny .*
>
> That said, there may be a case where the paths are prepended with the same
> AS, in which cas you would have to allow multiple occurrences of the same
> AS.
>
> Cheers,
>
> Jason Sinclair CCIE #9100
> Manager, Network Control Centre
> POWERTEL
> 55 Clarence Street,
> SYDNEY NSW 2000
> AUSTRALIA
> office: + 61 2 8264 3820
> mobile: + 61 416 105 858
> email: sinclairj@powertel.com.au
>
> -----Original Message-----
> From: Hamele Kassa [mailto:hkassa@attrmc.net]
> Sent: Friday, 25 October 2002 09:37
> To: ccna instructor; ccielab@groupstudy.com
> Subject: Re: BGP as-path filter
>
> Try this if all the originating AS's is the BGP neighbor router
>
> Ip as-path access-list 1 permit ^123$
> Ip as-path access-list 1 permit ^234$
> Ip as-path access-list 1 permit ^345$
> Ip as-path access-list 1 permit ^567$
> Ip as-path access-list 1 permit ^678$
> Ip as-path access-list 1 permit ^990$
> Ip as-path access-list 1 permit ^2345$
> Ip as-path access-list 1 deny .*
>
> or if not
>
> Ip as-path access-list 1 permit _123$
> Ip as-path access-list 1 permit _234$
> Ip as-path access-list 1 permit _345$
> Ip as-path access-list 1 permit _567$
> Ip as-path access-list 1 permit _678$
> Ip as-path access-list 1 permit _990$
> Ip as-path access-list 1 permit _2345$
> Ip as-path access-list 1 deny .*
>
> ----- Original Message -----
> From: "ccna instructor" <ccna20877@yahoo.com>
> To: <ccielab@groupstudy.com>
> Cc: <sadiq.sadiq@intelsat.com>
> Sent: Wednesday, October 23, 2002 11:11 PM
> Subject: BGP as-path filter
>
>
> > Need a AS-Path filter that is going to allow routes originated from
> > following ASNs
> > 123, 234, 345, 567, 678, 990, 2345
> >
> > Any help appreciated
> > regards
> > sadiq
> >
> >
> >
> >
> > ---------------------------------
> > Do you Yahoo!?
> > Y! Web Hosting - Let the expert host your web site
>
>
> **********************************************************************
> PowerTel Limited, winners of
> Best Corporate/Wholesale Broadband Initiative, Australian Telecom Awards
2002
> Broadband Wholesale Carrier of the year, CommsWorld Telecomms Awards 2001
> Best Emerging Telco, Australian Telecom Awards 2001
>
> **********************************************************************
> This email (including all attachments) is intended solely for the named
> addressee. It is confidential and may contain commercially sensitive
> information. If you receive it in error, please let us know by reply
email,
> delete it from your system and destroy any copies.
>
> This email is also subject to copyright. No part of it should be
reproduced,
> adapted or transmitted without the prior written consent of the copyright
owner.
>
> Emails may be interfered with, may contain computer viruses or other
defects
> and may not be successfully replicated on other systems. We give no
> warranties in relation to these matters. If you have any doubts about
> the authenticity of an email purportedly sent by us, please contact us
> immediately.
>
> **********************************************************************

• Next message: Brian Dennis: "RE: access-list switching"
• Previous message: Ahmed Mamoor Amimi: "Reflexive access-list"
• Maybe in reply to: ccna instructor: "BGP as-path filter"
• Next in thread: Jason Sinclair: "RE: BGP as-path filter"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Nov 05 2002 - 08:35:56 GMT-3