Bgp As Path Filters

Instead of filtering network routes, AS path filters filter BGP AS numbers (paths) by using regular expressions. You can use path filters on a nontransit network to prevent passing external routes from one service provider to another. Example 9-8 denies any BGP route that begins with AS 111 or AS 222 to be advertised back to BGP neighbor 111.11.19.17. The A (caret) indicates a match of the beginning of the AS path. Filter 20 denies local routes to be advertised to the iBGP neighbor 27.18.9.21 by using A$. The expression .* indicates any AS path.

Example 9-8 AS Path Filter Configuration Example router bgp 100 neighbor 111.11.19.17 remote-as 111 neighbor 111.11.19.17 filter-list 10 out neighbor 27.18.9.21 remote-as 100 neighbor 27.18.9.21 filter-list 20 out neighbor 27.18.9.21 next-hop-self ip as-path access-list 10 deny "111_ ip as-path access-list 10 deny "222_ ip as-path access-list 10 permit .*

ip as-path access-list 20 deny "$ ip as-path access-list 20 permit .*

Some regular expression examples are shown in Table 9-1.

Table 9-1 Meanings of Regular Expressions

Expression

Meaning

. Any single character

A

Matches beginning of any input string

$

Matches the end of any input string

Matches a comma (,), left brace ({), right brace (}), left parenthesis, right parenthesis,

the beginning of the input string, the end of the input string, or a space

*

Matches 0 or any sequence in a pattern

continues continues

Table 9-1 Meanings of Regular Expressions (Continued)

A222_

Any AS path that begins with AS 222

*

All (any AS path)

Matches an empty string (no path info), which indicates a local route

More information on regular expressions is at the following site:

www.cisco.com/univercd/cc/td/doc/product/atm/c8540/12_0/13_19/cmd_ref/

appc.htm#xtocid68796

Was this article helpful?

+1 0

Post a comment