Routing

 View Only

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  aspath-regex "Exclude"?

    Posted 12-12-2021 19:20
    Hello, I've been looking at few documentations and so far Im able to "Match" prefixes and accept/deny using one of the two methods:
    1- configure as-path under policy-options
    2- "show route aspath-regex ""

    is there a way to "exclude" a route based on whether the prefix transitioned through one particular ASN? this ASN can be at any position within the as-path and not necessarily adjacent to local device. I know this can be achieved using something like this but Im still looking for something in lines of excluding prefixes rather than matching them. 
    set policy-options as-path includes-8888 ".* 8888 .*"
    set policy-options policy-statement reject-8888 term 1 from as-path includes-8888
    set policy-options policy-statement reject-8888 term 1 then reject​

    for example,  I need a regex expression to exclude any prefixes transitioned through AS 8888. (All numbers shows below are arbitrary and in a lab env so please bear with me). The output of the regex I'm looking for should essentially only show 1.161.192.0/21 prefix and not the other three since those have ASN 8888 part of their as-path. 

    1.64.0.0/10        *[BGP/170] 1d 08:04:05, localpref 100
                          AS path: 8888 16151 61671 I, validation-state: unverified
                        > to 172.20.200.1 via ge-0/0/0.419
    1.84.160.0/20      *[BGP/170] 1d 08:04:05, localpref 100
                          AS path: 16151 8888 33112 I, validation-state: unverified
                        > to 172.20.200.1 via ge-0/0/0.420
    1.161.192.0/21     *[BGP/170] 1d 08:04:05, localpref 100
                          AS path: 32138 45045 I, validation-state: unverified
                        > to 172.20.200.1 via ge-0/0/0.421​
    1.185.160.0/20     *[BGP/170] 1d 08:04:05, localpref 100
                          AS path: 32138 45045 8888 I, validation-state: unverified
                        > to 172.20.200.1 via ge-0/0/0.421​

    I thought something like "show route aspath-regex ".* 8888{0} .*"" would work but I was wrong! Any suggestion is appreciated. 



  • 2.  RE: aspath-regex "Exclude"?

     
    Posted 12-13-2021 06:28
    If I follow what you are asking this will be the process, apologies if I am not interpreting correctly.  I think you are looking to have either an import or export bgp policy that will exclude routes that have 8888 anywhere in the as path.

    So for this we have the regex that will include the desired asn at least once:

    set policy-options as-path includes-8888 8888{1}


    Then you build your import or export policy with three terms:

    ---reject any route having the asn at least once:

    set policy policy-statement MYPOLICY term reject-8888 from as-path includes-8888

    set policy policy-statement MYPOLICY term reject-8888 then reject

    ---terms that detail other routes you want to accept by whatever measures you have

    set policy policy-statement MYPOLICY term accept-valid from  <<<<. ADD CRITERIA FOR GOOD ROUTES

    set policy policy-statement MYPOLICY term accept-valid then accept


    ---the final reject all term to prevent other routes that might be accepted by default

    set policy policy-statement MYPOLICY term final-reject then reject

    then apply this policy (or a chain of policies) to the actual bgp neighbor or group in the configuration.



    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------



  • 3.  RE: aspath-regex "Exclude"?

    Posted 12-13-2021 10:04
    Hi Steve, Thank you for your response. so does this mean we cant "exclude" routes based on regex? apologies if I'm not explaining it right. 
    I understand the suggestion however the root of this request comes from when Im looking at large tables, but not interested in any routes that traverse through a particular AS. as I said before I know we can "match" a route and reject it based on that criteria using routing policies but I'm still looking for an operational command to show me any route that does not include a particular ASN in the path. 
    show route aspath-regex " "  <<<< This command should display any route that does NOT include ASN 8888​

    if this command exists I assume we should also be able to use it under policies? for example a policy that accepts any routes as long as they dont transit through ASN 8888. I'm still more interested in the operational command since I have more use for it day to day. Thanks! 




  • 4.  RE: aspath-regex "Exclude"?

     
    Posted 12-13-2021 18:55
    I don't think I understand your question then.

    Are you asking about an operational command to see what routes match the regex in the AS path?

    Or are you looking to remove routes from the active table already learned by a peer via some regex command?

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------



  • 5.  RE: aspath-regex "Exclude"?

    Posted 12-14-2021 10:42
    Second one, Steve!  trying to filter/ comb through active routing table, and Interested in any route that does NOT include ASN 8888 in as-path.


  • 6.  RE: aspath-regex "Exclude"?

     
    Posted 12-14-2021 19:09
    I'm not aware of any option then for this function.  Junos expects the RPD process and routing protocols to manage both the RIB and the FIB.  There are no operational commands to override the choices made by routing protocols via RPD.

    So for BGP learned routes the only option would be to control the learning by policy.

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------