Junos OS

 View Only

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  aspath-regex "Exclude"?

    Posted 12-12-2021 19:20
    Hello, I've been looking at few documentations and so far Im able to "Match" prefixes and accept/deny using one of the two methods:
    1- configure as-path under policy-options
    2- "show route aspath-regex ""

    is there a way to "exclude" a route based on whether the prefix transitioned through one particular ASN? this ASN can be at any position within the as-path and not necessarily adjacent to local device. I know this can be achieved using something like this but Im still looking for something in lines of excluding prefixes rather than matching them. 
    set policy-options as-path includes-8888 ".* 8888 .*"
    set policy-options policy-statement reject-8888 term 1 from as-path includes-8888
    set policy-options policy-statement reject-8888 term 1 then reject​

    for example,  I need a regex expression to exclude any prefixes transitioned through AS 8888. (All numbers shows below are arbitrary and in a lab env so please bear with me). The output of the regex I'm looking for should essentially only show 1.161.192.0/21 prefix and not the other three since those have ASN 8888 part of their as-path. 

    1.64.0.0/10        *[BGP/170] 1d 08:04:05, localpref 100
                          AS path: 8888 16151 61671 I, validation-state: unverified
                        > to 172.20.200.1 via ge-0/0/0.419
    1.84.160.0/20      *[BGP/170] 1d 08:04:05, localpref 100
                          AS path: 16151 8888 33112 I, validation-state: unverified
                        > to 172.20.200.1 via ge-0/0/0.420
    1.161.192.0/21     *[BGP/170] 1d 08:04:05, localpref 100
                          AS path: 32138 45045 I, validation-state: unverified
                        > to 172.20.200.1 via ge-0/0/0.421​
    1.185.160.0/20     *[BGP/170] 1d 08:04:05, localpref 100
                          AS path: 32138 45045 8888 I, validation-state: unverified
                        > to 172.20.200.1 via ge-0/0/0.421​

    I thought something like "show route aspath-regex ".* 1507417{0} .*"" would work but I was wrong! Any suggestion is appreciated. 



  • 2.  RE: aspath-regex "Exclude"?

     
    Posted 12-13-2021 06:28
    If I follow what you are asking this will be the process, apologies if I am not interpreting correctly.  I think you are looking to have either an import or export bgp policy that will exclude routes that have 8888 anywhere in the as path.

    So for this we have the regex that will include the desired asn at least once:

    set policy-options as-path includes-8888 8888{1}


    Then you build your import or export policy with three terms:

    ---reject any route having the asn at least once:

    set policy policy-statement MYPOLICY term reject-8888 from as-path includes-8888

    set policy policy-statement MYPOLICY term reject-8888 then reject

    ---terms that detail other routes you want to accept by whatever measures you have

    set policy policy-statement MYPOLICY term accept-valid from  <<<<. ADD CRITERIA FOR GOOD ROUTES

    set policy policy-statement MYPOLICY term accept-valid then accept


    ---the final reject all term to prevent other routes that might be accepted by default

    set policy policy-statement MYPOLICY term final-reject then reject

    then apply this policy (or a chain of policies) to the actual bgp neighbor or group in the configuration.



    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------