bgp_path multiple AS match on single rule
Ondrej Zajicek
santiago at crfreenet.org
Tue Jul 9 11:02:03 CEST 2013
On Mon, Jul 08, 2013 at 09:35:02AM +0300, Javor Kliachev wrote:
> Hello,
>
> I'm wondering, is there any way to configure following example to single
> rule only.
>
> if bgp_path ~ [= * 100 * =] then return false;
> if bgp_path ~ [= * 200 * =] then return false;
> if bgp_path ~ [= * 300 * =] then return false;
> if bgp_path ~ [= * 400 * =] then return false;
>
> On this way, If we want to filter many ASs, it seems that we should
> generate too much rows.
Well, you could replace that with this:
if 10 ~ bgp_path then return false;
which is probably slightly faster, but you still need all the rows.
If you would test just for last (or first) ASN, you could use:
if bgp_path.last ~ [10, 20, 30, 40, ... ] then return false;
Perhaps we should implement this:
if bgp_path ~ [10, 20, 30, 40, ... ] then return false;
(i.e. check every ASN from bgp_path against set of numbers) That would
be simple to implement, consistent with our filtering features for
community lists and works fast for a large sets of ASN.
We don't support full regular expressions for bgp_path matching, just the
shell-like wildcard patterns.
--
Elen sila lumenn' omentielvo
Ondrej 'SanTiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20130709/2110f043/attachment-0001.asc>
More information about the Bird-users
mailing list