filter all prefixes except a few with 'case' control

Войнович Андрей Александрович andreyv at skbkontur.ru
Thu Sep 29 10:56:27 CEST 2016


Thanks, Ondrej and Vasiliy,

Construction
  if net ~ [1.1.1.1/32, 2.2.2.2/32, ...] then ...
 looks best and easiest way, forks fine.


------------------------------------------
Служба поддержки серверов
Группа сетевого администрирования
ДПП.УТП.СПС
ЗАО ПФ «СКБ-Контур»,
Тел. +7 (343) 344-11-50 доб. 75352
e-mail: dc-noc at skbkontur.ru
https://www.kontur.ru


-----Original Message-----
From: Ondrej Zajicek [mailto:santiago at crfreenet.org] 
Sent: Thursday, September 29, 2016 12:16 PM
To: Войнович Андрей Александрович <andreyv at skbkontur.ru>; Василий Олейников <oleynikov_v at ufanet.ru>
Cc: bird-users at network.cz
Subject: Re: filter all prefixes except a few with 'case' control

On Thu, Sep 29, 2016 at 07:01:00AM +0000, Войнович Андрей Александрович wrote:
> Construction with single IP addresses passes syntax check, but filter does not work as expected - it passes all routes and does not filter anything.

H

1) Case expression works for most types with exception of prefixes. It is not implemented for prefixes.

2) Case expressio with ip addresses works, but you must put ip address and not network to it (i.e. use 'case net.ip { ... }')

3) What you are trying to do is usually done with a prefix set:

  if net ~ [1.1.1.1/32, 2.2.2.2/32, ...] then ...

4) ROA tables could be used with any prefixes even if they are non-BGP, just supply some dummy ASN. But prefix sets in this case are enough and much simpler.

--
Elen sila lumenn' omentielvo

Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."



More information about the Bird-users mailing list