From: firstname jim (firstnamejim@gmail.com)
Date: Sun May 14 2006 - 23:08:05 ART
Carlos,
Thank you very much, that was exactly the answer. I was trying to use
escape, but I was either using it inside double quotes, or had _ before or
after the escaped path, which messed things up.
In short, the key is "permit ^\(100\)$"
To summarize, here is what's in R1's bgp table:
r1#show ip bgp
BGP table version is 5, local router ID is 101.0.0.1
Status codes: s suppressed, d damped, h history, * valid, > best, i -
internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 2.0.0.0/24 10.0.2.2 0 0 2 i
*> 30.0.0.0/24 10.0.1.4 0 100 0 (100) 30 i
*> 100.0.0.0/24 10.0.1.4 0 100 0 (100) i
*> 101.0.0.0/24 0.0.0.0 0 32768 i
and, the old as-path acl that didn't work:
r1#show ip as-path-access-list 10
AS path access list 10
permit ^$
permit ^1$
r1(config)#do sh ip bgp filter 10
BGP table version is 5, local router ID is 101.0.0.1
Status codes: s suppressed, d damped, h history, * valid, > best, i -
internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 101.0.0.0/24 0.0.0.0 0 32768 i
Now to make it work, I added:
ip as-path access-list 10 permit ^\(100\)$
r1(config)#do sho ip as-path-access-list 10
AS path access list 10
permit ^$
permit ^1$
permit ^\(100\)$
r1(config)#do sh ip bgp filter 10
BGP table version is 5, local router ID is 101.0.0.1
Status codes: s suppressed, d damped, h history, * valid, > best, i -
internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 100.0.0.0/24 10.0.1.4 0 100 0 (100) i
*> 101.0.0.0/24 0.0.0.0 0 32768 i
Thanks a lot for all the replies.
-- Jim
On 5/14/06, Carlos Campos Torres (ccampost) <ccampost@cisco.com> wrote:
>
> Is 100 a confederation sub-as and the confederation ID is 1?
> If that is the case, why don't you try "\", this is because with the
> parenthesis you are only grouping and you need an "escape character" to
> match a specific sub-as
>
> Hope that helps!
>
>
> Carlos Campos
> Associate Systems Engineer
> Cisco Systems, Inc
> (919) 392-6285
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Nick Griffin
> Sent: Saturday, May 13, 2006 7:55 PM
> To: firstname jim
> Cc: ccielab@groupstudy.com
> Subject: Re: AS-path question
>
> Have you tried _100$ to match routes originated in AS100
>
> firstname jim wrote:
> > Hi guys,
> >
> > A Lab prompted this question: suppose I have a confederation and 2
> > sub-as,
> >
> > {other as's} --- [ (as100) - (as101 R1)]AS1 ---- [as2(R2)]
> >
> > In short, subnet
> > 1.0.0.0/24 from as100
> > 1.0.1.0/24 from asl101
> > some other subnets too,
> >
> > How do I make sure that R2 in as2 only get routes originated from AS1?
> > The requirement is to only do filter on R1.
> > I am looking for some as-path regular expression help, so far I have
> > tried (on R1):
> >
> > ip as-path 11 permit ^$
> > ip as-path 11 permit (100) ! this works, but I think it includes
> more
> > un-wanted routes
> >
> > These are the different ways I tried, they don't work. A better idea
> > anyone?
> > ip as-path 11 permit ^100$
> > ip as-path 11 permit ^(100)$
> > ip as-path 11 permit _(100)$
> >
> > TIA
This archive was generated by hypermail 2.1.4 : Thu Jun 01 2006 - 06:33:21 ART