BGP VPNv4 Ext Community Filter
Hombach, Tobias (external - Project)
tobias.hombach at sap.com
Mon Aug 17 11:43:25 CEST 2020
Hi,
we use BIRD 2.0.7 BGP VPNv4 and need to filter extended BGP communities on ingress. Config snippet:
define PFILTER_RT = [ (rt, 65100, *), (rt, 65101, *), (rt, 65102, *) ];
filter IMPORT_FILTER
{
bgp_ext_community.filter(PFILTER_RT_MASTER);
accept;
}
protocol bgp 'my-router' from VPN4_S3_TPL_BGP_DEFAULT
{
vpn4 mpls {
import filter IMPORT_FILTER;
};
}
This is working as expected. We discovered that RO communities are filtered too (not a surprise) and we extended the definition:
define PFILTER_RT = [ (rt, 65100, *), (rt, 65101, *), (rt, 65102, *), (ro, 65100, *), (ro, 65101, *), (ro, 65102, *) ];
We dont need to filter strict for RO communities and best would be to allow all. Is there a better way to allow only defined RT and all RO communities? Are there any plans to allow wildcard or range in these definitions? Like: (ro, *, *) or (ro, 100..300, *)
Another question: Are other extended community sub types beside RO and RT (as defined in RFC 7153) filtered by function bgp_ext_community.filter() ?
Thanks in advance
Regards
Tobias
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20200817/d45a1b2a/attachment.htm>
More information about the Bird-users
mailing list