AS Path access lists

carl_townshend · ‎10-29-2012

Hi all

Can anyone tell me how AS path access lists work, if I had the below on my router, what would it do, do they go in sequence etc ?

ip as-path access-list 10 permit _2005_

ip as-path access-list 10 permit _2006_

ip as-path access-list 10 permit _2009

cheers

Carl

smitesh kharecha · ‎10-29-2012

Hi Carl,

Like access-list; as-path list also works sequencially.

The sample as-path list is made in conjunction with regex

ip as-path access-list 10 permit _2005_

- This will permit any prefix which will have AS 2005 coming anywhere in between the AS-PATH. However it should not be the first and last AS in the AS-PATH of the prefix.

ip as-path access-list 10 permit _2006_

- Like above explaination, it will allow any prefix which have AS 2006 in between the AS_PATH

ip as-path access-list 10 permit _2009

- ( if the is no underscrore after 2009, it should generally closed with dollar sign $) will permit any route where AS 2009 is coming anywhere in AS-PATH, but not the first AS.

In case if it is followed by underscore, it can be followed by any other ASes.

If it is ending with $, AS 2009 has to be the last AS in the AS-PATH.

Regard,

Smitesh

carl_townshend · ‎10-29-2012

Hi

I kind of get it

can you please give me another example in your own words, say for 4 routers in 4 different AS paths?

cheers

Carl

cadet alain · ‎10-29-2012

Hi,

to test AS-PATH ACLs you can use either sh ip bgp regexp and the same regular expression you used in your ACL or use sh ip bgp fliter-list 10.I think this is the best way to play with these and understand the regexps in BGP.

Regards.

Alain

Don't forget to rate helpful posts.