RE: regular expression once more

From: Pete Yeargin \(pyeargin\) (pyeargin@cisco.com)
Date: Fri Jul 18 2003 - 10:49:09 GMT-3

That definitely works for if AS 100 is directly attached.

Connie,
        I'm not sure if I remember correctly, but I think you were
asking to filter out routes originating from AS 100 whether it was
directly connected or not. Below would work for a directly connected AS
100, but if the bgp path were for example "300 400 100", I don't think
it would solve it. I think that "^100_(.+)$" is matching any network
advertised from directly connected AS 100 with at least one other AS in
the path.

        Does everyone love regex's now? :)

Regards,
Pete

-----Original Message-----
From: William Lijewski [mailto:ccie8642@hotmail.com]
Sent: Friday, July 18, 2003 9:23 AM
To: pyeargin@cisco.com; jhays@jtan.com; cciestudy@sympatico.ca;
RAlvare5@NCSUS.JNJ.COM; kwchen@netvigator.com; CNie@EPLUS.com;
ccielab@groupstudy.com
Subject: RE: regular expression once more

Yep Pete, you are right.

If AS 100 is the directly connected AS and we don't want to let in any
routes that originated there, I know that this one will work.

^100_(.+)$

r1#show ip bgp
BGP table version is 30, local router ID is 10.0.0.1
Status codes: s suppressed, d damped, h history, * valid, > best, i -
internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network Next Hop Metric LocPrf Weight Path
*> 100.0.0.0/24 10.0.0.2 0 0 100 200 500
400
i
*> 101.0.0.0/24 10.0.0.2 0 0 100 200 500
400
i
*> 102.0.0.0/24 10.0.0.2 0 0 100 2 i
*> 103.0.0.0/24 10.0.0.2 0 0 100 i
*> 104.0.0.0/24 10.0.0.2 0 0 100 1000
3000
5000 i
*> 200.0.0.0 10.0.0.2 0 0 100 i
*> 201.0.0.0 10.0.0.2 0 0 100 i

r1#show ip bgp regexp ^100_(.+)$
BGP table version is 30, local router ID is 10.0.0.1
Status codes: s suppressed, d damped, h history, * valid, > best, i -
internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network Next Hop Metric LocPrf Weight Path
*> 100.0.0.0/24 10.0.0.2 0 0 100 200 500
400
i
*> 101.0.0.0/24 10.0.0.2 0 0 100 200 500
400
i
*> 102.0.0.0/24 10.0.0.2 0 0 100 2 i
*> 104.0.0.0/24 10.0.0.2 0 0 100 1000
3000
5000!

Bill Lijewski
CCIE #8642

>From: "Pete Yeargin \(pyeargin\)" <pyeargin@cisco.com>
>Reply-To: <pyeargin@cisco.com>
>To: "'William Lijewski'" <ccie8642@hotmail.com>, <jhays@jtan.com>,
><cciestudy@sympatico.ca>, <RAlvare5@NCSUS.JNJ.COM>,
><kwchen@netvigator.com>, <CNie@EPLUS.com>, <ccielab@groupstudy.com>
>Subject: RE: regular expression once more
>Date: Fri, 18 Jul 2003 08:38:24 -0400
>
>Hey Bill,
> I don't think that a space is a legal regex character. Usually,
you
>use "_" to indicate a comma, the beginning of the line, the end of the
>line, or a space. I believe the below regex pattern would match routes

>coming from a neighboring AS of 100 in which AS 100 is a transit AS
>only since you have used a "+" symbol after the brackets.
>
>e.g.) AS Paths
>
>100 220
>100 150
>100 9
>etc.
>
> Take a look at the below e-mail. I think Jonathon was able to
get
>this tested and working.
>
>Pete,
>
>That works!
>
>r2#sh ip bgp
>BGP table version is 3, local router ID is 10.1.1.2
>Status codes: s suppressed, d damped, h history, * valid, > best, i -
>internal Origin codes: i - IGP, e - EGP, ? - incomplete
>
> Network Next Hop Metric LocPrf Weight Path
>*> 99.99.99.0/24 10.1.1.1 0 0 9 100 i
>*> 130.108.1.0/24 10.1.1.1 0 0 9 i
>r2#sh ip bgp quote-regexp _[^(100)]$
>BGP table version is 3, local router ID is 10.1.1.2
>Status codes: s suppressed, d damped, h history, * valid, > best, i -
>internal Origin codes: i - IGP, e - EGP, ? - incomplete
>
> Network Next Hop Metric LocPrf Weight Path
>*> 130.108.1.0/24 10.1.1.1 0 0 9 i
>r2#
>
>
>Thanks,
>
>Jonathan
>
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf

> > Of Pete Yeargin (pyeargin)
> > Sent: Thursday, July 17, 2003 4:39 PM
> > To: 'Jonathan V Hays'; 'CCIEStudy'; 'Alvarez, Rolando [NCSUS]';
> > 'Chen Kwong Wai William'; 'Connie Nie'; ccielab@groupstudy.com
> > Subject: RE: regular expression once more
> >
> >
> > As mentioned before, I would try the following with the parentheses
> > added in:
> >
> > _[^(100)]$
>
>
>
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of

>William Lijewski
>Sent: Thursday, July 17, 2003 8:59 PM
>To: jhays@jtan.com; cciestudy@sympatico.ca; RAlvare5@NCSUS.JNJ.COM;
>kwchen@netvigator.com; pyeargin@cisco.com; CNie@EPLUS.com;
>ccielab@groupstudy.com
>Subject: RE: regular expression once more
>
>
>Well if AS 100 is your neighbor AS you could try the following:
>
>permit ^100_[0-9 ]+$
>
>Inside the brackets we have the range of characters 0 though 9 and a
>space. These should match any character that may be found in the AS
>path. With the
>+ sign after the range of characters it will force there to be at least

>+ 1
>more AS after AS 100 (possibly many more AS) since the + sign stands
>for 1 or more repetition of the previous character - the previous
>character in
>
>this case being a number between 0 and 9 or a space. Since there must
>be at least one repetition of the range of characters AS 100 will never

>be the
>
>last AS in the path, there always must be something after it, therfore
>it will never match if AS 100 is the origin and would block out all of
>the routes that originated in AS 100 while letting all others in.
>
>I don't have access to a router right now to test this but I'm pretty
>sure it will work.
>
>Bill Lijewski
>CCIE #8642
>
>
> >From: "Jonathan V Hays" <jhays@jtan.com>
> >Reply-To: "Jonathan V Hays" <jhays@jtan.com>
> >To: "'CCIEStudy'" <cciestudy@sympatico.ca>, "'Alvarez, Rolando
>[NCSUS]'"
> ><RAlvare5@NCSUS.JNJ.COM>, "'Chen Kwong Wai William'"
> ><kwchen@netvigator.com>, "'Pete Yeargin \(pyeargin\)'"
> ><pyeargin@cisco.com>, "'Connie Nie'" <CNie@EPLUS.com>,
> ><ccielab@groupstudy.com>
> >Subject: RE: regular expression once more
> >Date: Thu, 17 Jul 2003 16:25:17 -0400
> >
> >Well, let's try these regular expression out. There's any easy way to

> >do this using the "show ip bgp quote-regexp" to test.
> >
> >To review, we are trying to filter routes that originate in AS 100.
> >
> >Here's a BGP table with no filter:
> >----------
> >r2#sh ip bgp
> >BGP table version is 3, local router ID is 10.1.1.2
> >Status codes: s suppressed, d damped, h history, * valid, > best, i -

> >internal Origin codes: i - IGP, e - EGP, ? - incomplete
> >
> > Network Next Hop Metric LocPrf Weight Path
> >*> 99.99.99.0/24 10.1.1.1 0 0 9 100 i
> >*> 130.108.1.0/24 10.1.1.1 0 0 9 i
> >r2#
> >----------
> >Here's how to test. Let's match only networks originating from AS 9:
> >
> >The modifier "| include 10.1.1.1" cuts down on unneeded output.
> >
> >r2#sh ip bgp quote-regexp 9$ | include 10.1.1.1
> >*> 130.108.1.0/24 10.1.1.1 0 0 9 i
> >----------
> >Only networks originating from AS 100:
> >
> >r2#sh ip bgp quote-regexp 100$ | include 10.1.1.1
> >*> 99.99.99.0/24 10.1.1.1 0 0 9 100 i
> >r2#
> >----------
> >The filter from Des doesn't match anything:
> >
> >r2#sh ip bgp quote-regexp _^100$
> >
> >r2#
> >
> >I don't know if the regexp function understands the _^ sequence,
> >since the ^ in this context means 'beginning of line.' I think the ^
> >can only
>
> >be used for negation inside a character class.
> >----------
> >My own suggested filter does not match either:
> >
> >r2#sh ip bgp quote-regexp [^1][^0][^0]$
> >
> >r2#
> >----------
> >After I thought about it, I realized that the desired entry (with
> >only AS 9 in the path) won't match either since it only has one digit

> >and the regexp is looking for 3 digits.
> >
> >If we change the regex so the last digit only matches anything but a
> >zero, that would work, but wouldn't meet the requirements, since 10,
> >200, 50, would also match.
> >
> >r2#sh ip bgp quote-regexp [^0]$ | include 10.1.1.1
> >*> 130.108.1.0/24 10.1.1.1 0 0 9 i
> >r2#
> >----------
> >In UNIX or Perl regular expressions you might use the a bang
> >(exclamation point) to negate an expression, as in !(100)$ but that
> >does not seem to work in IOS.
> >
> >r2#sh ip bgp quote-regexp !(100)$ | include 10.1.1.1
> >r2#
> >----------
> >I'm stumped but at least now you all can see how to test a regular
> >expression.
> >
> >HTH,
> >
> >Jonathan
> >
> >
> >_____________________________________________________________________
> >__
> >You are subscribed to the GroupStudy.com CCIE R&S Discussion Group.
> >
> >Subscription information may be found at:
> >http://www.groupstudy.com/list/CCIELab.html
>
>_________________________________________________________________
>Add photos to your e-mail with MSN 8. Get 2 months FREE*.
>http://join.msn.com/?page=features/featuredemail
>
>
>_______________________________________________________________________
>You are subscribed to the GroupStudy.com CCIE R&S Discussion Group.
>
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
>

This archive was generated by hypermail 2.1.4 : Wed Aug 06 2003 - 06:52:44 GMT-3