show route all filter ...
Ondrej Zajicek
santiago at crfreenet.org
Tue Sep 2 13:43:49 CEST 2014
On Thu, Aug 28, 2014 at 12:47:24PM +0200, Alexander Demenshin wrote:
> On 2014-08-28 11:12, Mikhail A. Grishin wrote:
>
> >We use special command (see below) to view information regarding
> >prefixes containing particular BGP communities.
>
> You should add "reject" clause:
>
> show route all filter {if (0,48642) ~ bgp_community then accept; else
> reject; } table master
Yes, there is no implicit default action, filter should explicitly either
reject or accept routes. You could also use shorthand:
show route where (0,48642) ~ bgp_community
which is equivalent to:
show route filter {if (0,48642) ~ bgp_community then accept; else reject; }
> to avoid this warning.
>
> Once I did this mistake and got more than 2 millions (!) of log file
> entries, and bird was blocked for ca. 20 seconds...
>
> It would be nice to rate limit repeating messages to avoid such problems, or
> to implement default filter action.
It definitely should be rate limited. All other filter errors are rate
limited, this one i missed.
--
Elen sila lumenn' omentielvo
Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20140902/7f661ed1/attachment.asc>
More information about the Bird-users
mailing list