BGP Peer AS-path-filter substitute for pattern recall?
Hi everyone! I am having some growing pains switching from Cisco to Juniper, and was wondering if anyone has a work-around for JunOS's lack of pattern recall in regexps.
I would like to create an as-path-filter that will accept anything from my direct peer, or his direct peer, with any number of prepends.
On Cisco, the regexp would look something like (assuming my peer is ASN 7825):
Basically, from left to right, this would read "string begins with 7825 followed by whitespace, repeated between one and infinity times. String then may have some number (1-9 repeated 0 - infinity times). String then has a whitespace followed by the previous pattern match, repeated 0 to infinity times."
Without pattern recall, does anyone have any suggestions as to how I can allow anything that he sources, or a direct peer of his sources, but deny anything that he attempts to send me that take a more circuitous AS path? This seems like a pretty commonly desired thing with we "promiscuous peers" that desire more efficient interwebs.
Re: BGP Peer AS-path-filter substitute for pattern recall?
Correct me if I am wrong, but it seems like that pattern would match 7825 48 32 54 97 100 200 ..etc, since . just represents any ASN. The pattern recall would only match the nth matched pattern. i.e. 7825 48 48 48 would be a match, but 7825 48 32 would not.
Wound up just using the following. Not as elegant, and some conditions slip through the cracks (such as an origin prepend), but it'll accomplish what we need. If we have a peer of a peer that has a propensity to prepend, we can just write an explicit rule for that ASN.