From: Brian McGahan (bmcgahan@internetworkexpert.com)
Date: Mon Feb 02 2004 - 02:00:40 GMT-3
Sam,
The parentheses ( and ) are used as a mathematical grouping, i.e. (x
* y) + (a + b). Since the actual characters open parentheses ( and close
parenthesis ) are used to denote a confederation set, you must match those
actual characters. This is accomplished by using the escape sequence \
Therefore the following will match any prefixes learned from
confederation peers:
^\(.*\)$
However, this will not match prefixes that were locally originated
in the local sub-AS, as the AS-path information is not appended until a
prefix goes to the BGP output engine. Therefore the following must also be
matched:
^$
You can match these expressions in two lines in the as-path list,
but it's much more fun to combine them into one. Comparing them it is
evident that the difference is the character sequence \(.*\)
In the first case presented, this character sequence is true
(exists). In the second case, this character sequence is false (does not
exist). Therefore this sequence has been grouped together with another set
or parentheses, and the question mark has been added to say TRUE or FALSE
There are a number of ways to write this expression, but the logic
always remains the same. Here is another example:
(^\(.*\)$)|(^$)
HTH,
Brian McGahan, CCIE #8593
bmcgahan@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Direct: 708-362-1418 (Outside the US and Canada)
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Hossam
> Sent: Sunday, February 01, 2004 5:04 PM
> To: Brian McGahan
> Cc: ccielab@groupstudy.com
> Subject: RE: AS-Path Filtering with BGP Confiderations!
>
> Hi Brian,
> Thanks a lot for you post. I missed u lately.
> ^(\(.*\))?$
> Waaw...what an Irregular expression:)
> i would read it as follows...(correct me if read it mistakenly)
> all as-paths that starts with ( and includes anything and ends with ) and
> repeated ONE or more times!!!
> I think it is typically what i need.
> But i got this expressoin form the group too. I think it looks simpler.
> and i guess that it does the same function.
> ^$ | \)$
> ^$ = local originated
> \)$= in any other subAS
> what is yr opnion?
> Thanks
> SAM
> From: "Brian McGahan" <bmcgahan@internetworkexpert.com> Add to Address
> Book
> To: "'Bob Sinclair'" <bsin@cox.net>, "'Hossam'" <sam6626@yahoo.com>,
> ccielab@groupstudy.com
> Subject: RE: AS-Path Filtering with BGP Confiderations!
> Date: Sun, 1 Feb 2004 15:59:28 -0500
>
> I'm not sure how you would keep some routers inside your AS
> confederated and some not... instead what you need is an expression
> that
> will match locally originated routes as well as those from your
> confederation peers. This will do the trick:
> ^(\(.*\))?$
>
> HTH,
> Brian McGahan, CCIE #8593
> bmcgahan@internetworkexpert.com
> Internetwork Expert, Inc.
> http://www.InternetworkExpert.com
> Toll Free: 877-224-8987
> Direct: 708-362-1418 (Outside the US and Canada)
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of
> > Bob Sinclair
> > Sent: Saturday, January 31, 2004 5:16 PM
> > To: Hossam; ccielab@groupstudy.com
> > Subject: Re: AS-Path Filtering with BGP Confiderations!
> >
> > Sam,
> >
> > I can confirm that your AS 200 will not show up within the sub-ASs.
> So if
> > you do sho ip b reg ^$ you will see routes from the local sub-as, not
> > routes
> > from AS 200.
> >
> > To do an as-path filter that will send only routes from within AS
> 200, you
> > would have to include the empty path, ^$, as well as all other
> sub-ASs.
> >
> > This is quite inconvenient! For just this reason, perhaps it would
> be
> > desirable in a real-world implementation to keep your AS border
> routers
> > out
> > of your confederations. That way you can easily permit ^$ to allow
> only
> > your own routes outbound.
> >
> > HTH,
> >
> > Bob Sinclair
> > CCIE #10427, CISSP, MCSE
> > www.netmasterclass.net
> >
> > ----- Original Message -----
> > From: "Hossam" <sam6626@yahoo.com>
> > To: <ccielab@groupstudy.com>
> > Sent: Saturday, January 31, 2004 5:41 AM
> > Subject: AS-Path Filtering with BGP Confiderations!
> >
> >
> > > I am trying to configure a BGP router R2 in (AS 65 256 and Bgp
> > Confideration indentifier 200) to limit it advertesment to its EBGP
> > neighbour (R4 in AS 300) to the routes that was originated in AS 200.
> > >
> > > I noticed that while i am AS-path filtering (either via filter-list
> or a
> > route map) and an ip as-path accesslist that permits only ^200$,
> nothing
> > gets advertised to the neighbour R4.
> > >
> > > Once i remove the as-path filtering i get the routes with AS-path =
> 200
> > at
> > R4 as expected.
> > >
> > > I think the problem is that R2 has the routes with AS-path =
> (65078)
> > cause
> > of the confidertaions in its BGP table.
> > > It seems that the IOS does the filtering first and then it strips
> of the
> > confiderations as-path just before advertesting the routes to EBGP
> > neighbour.
> > >
> > > Now the question is: what is the best way to do the filtering in
> this
> > case? i hate the idea of filtering on the SUB ASs...any ideas...
> > >
> > > Thanks..
> > > SAM
>
>
>
> ---------------------------------
> Do you Yahoo!?
> Yahoo! SiteBuilder - Free web site building tool. Try it!
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Mar 05 2004 - 07:13:45 GMT-3