simple filters question

John Jensen jensenja at gmail.com
Fri Nov 8 18:08:32 CET 2013


Thanks for the function optimization. This does indeed make it simpler! I
also believe I had misunderstood the documentation when I expected this to
work - obviously "ip" and "prefix" are different types, and now that I've
re-read the documentation on the ~ operator - "it can be used on element
and set of elements of the same type "

My apologies. I appreciate the patch and will apply it shortly.

Thanks,

-JJ


On Fri, Nov 8, 2013 at 3:58 AM, Sergey Popovich <popovich_sergei at mail.ru>wrote:

> В письме от 7 ноября 2013 16:05:50 пользователь John Jensen написал:
> > Hi,
> >
> > We're about to migrate our exchange to a /23 and we're likely going to do
> > it over time. I have a simple filter in place to check and make sure that
> > the NEXT_HOP is within our exchange's subnet. Originally it looked like
> > this:
> >
> > function check_ixp_next_hop(ip nexthop)
> > prefix ixpnet;
> > {
> >   ixpnet = x.x.x.x/24;
> >   if ! (nexthop ~ ixpnet) then return false;
> >   return true;
> > }
> >
> >
> > And then within the inbound filter for each peer's ASN:
> >
> > if ! (check_ixp_next_hop(bgp_next_hop)) then reject;
> >
> >
> > Since we're going to be caring about two distinct prefixes while we
> perform
> > the migration, I changed the filter to look like this:
> >
> > function check_ixp_next_hop(ip nexthop)
> > prefix set ixpnet;
> > {
> >   ixpnet = [ x.x.x.x/24, y.y.y.y/23 ];
>
> Also, pay attention, you should use something like
>
>     ixpnet = [ x.x.x.x/24+, y.y.y.y/23+ ];
>
> To match subnets.
>
> >   if ! (nexthop ~ ixpnet) then return false;
> >   return true;
> > }
> >
>
> Even simpler:
> -------------
>
> function check_ixp_next_hop(ip nexthop)
> {
>   return nexthop ~ [ x.x.x.x/24+, y.y.y.y/23+ ];
> }
>
> --
> SP5474-RIPE
> Sergey Popovich
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20131108/a1d14ff2/attachment-0001.html>


More information about the Bird-users mailing list