Junos
Highlighted
Junos

BGP Peer AS-path-filter substitute for pattern recall?

‎07-06-2015 04:15 PM

Hi everyone!  I am having some growing pains switching from Cisco to Juniper, and was wondering if anyone has a work-around for JunOS's lack of pattern recall in regexps.  

 

Problem:

I would like to create an as-path-filter that will accept anything from my direct peer, or his direct peer, with any number of prepends.  

 

Cisco Solution:

On Cisco, the regexp would look something like (assuming my peer is ASN 7825):

^(7825_)+([0-9]*)(_\2)*

 

Basically, from left to right, this would read "string begins with 7825 followed by whitespace, repeated between one and infinity times.  String then may have some number (1-9 repeated 0 - infinity times).  String then has a whitespace followed by the previous pattern match, repeated 0 to infinity times."

 

Without pattern recall, does anyone have any suggestions as to how I can allow anything that he sources, or a direct peer of his sources, but deny anything that he attempts to send me that take a more circuitous AS path?  This seems like a pretty commonly desired thing with we "promiscuous peers" that desire more efficient interwebs.

2 REPLIES 2
Highlighted
Junos

Re: BGP Peer AS-path-filter substitute for pattern recall?

‎07-09-2015 01:21 AM
In JUNOS, a dot represents a whole AS number not just a digit and the ^ and $ are implicit, so the pattern you are looking for is "7825+ (.)*"

Cheers,
Carsten
Highlighted
Junos

Re: BGP Peer AS-path-filter substitute for pattern recall?

‎07-14-2015 11:35 AM

Correct me if I am wrong, but it seems like that pattern would match 7825 48 32 54 97 100 200  ..etc, since . just represents any ASN.  The pattern recall would only match the nth matched pattern.  i.e. 7825 48 48 48  would be a match, but 7825 48 32 would not.

 

Wound up just using the following.  Not as elegant, and some conditions slip through the cracks (such as an origin prepend), but it'll accomplish what we need.  If we have a peer of a peer that has a propensity to prepend, we can just write an explicit rule for that ASN.

 

as-path-group direct-peers {
as-path randompeer1 "7825{1,5}";
as-path randompeer2 "5523{1,5}";

}

 

as-path-group indirect-peers {
as-path randompeer1 "7825{1,5}(.)";
as-path randompeer2 "5523{1,5}(.)";

}

 

Anyhow, as always, thanks for your response.  Unless I am wrong about the loose match of the .* or .+, JunOS' toned down regex offering just can't do exacltly what I was trying to do.

Feedback