10-29-2012 04:44 AM - edited 03-04-2019 05:59 PM
Hi all
Can anyone tell me how AS path access lists work? If I had the below on my router, what would it do? Do they go in sequence, etc.?
ip as-path access-list 10 permit _2005_
ip as-path access-list 10 permit _2006_
ip as-path access-list 10 permit _2009
cheers
Carl
10-29-2012 04:52 AM
Hi Carl,
Like an access list, an as-path list also works sequentially.
The sample as-path list is made in conjunction with regex.
ip as-path access-list 10 permit _2005_
- This will permit any prefix which has AS 2005 coming anywhere in between the AS-PATH. However, it should not be the first and last AS in the AS-PATH of the prefix.
ip as-path access-list 10 permit _2006_
- Like the above explanation, it will allow any prefix which has AS 2006 in between the AS_PATH.
ip as-path access-list 10 permit _2009
- (If there is no underscore after 2009, it should generally be closed with a dollar sign $.) This will permit any route where AS 2009 is coming anywhere in the AS-PATH, but not as the first AS.
In case it is followed by an underscore, it can be followed by any other ASes.
If it is ending with $, AS 2009 has to be the last AS in the AS-PATH.
Regards,
Smitesh
10-29-2012 06:17 AM
Hi
I kind of get it
Can you please give me another example in your own words, say for 4 routers in 4 different AS paths?
cheers
Carl
10-29-2012 06:44 AM
Hi,
To test AS-PATH ACLs you can use either sh ip bgp regexp with the same regular expression you used in your ACL, or sh ip bgp filter-list 10. I think this is the best way to play with these and understand the regexps in BGP.
Regards.
Alain
Don't forget to rate helpful posts.
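
An added example, not written by any poster in this thread: a Python emulation of how IOS evaluates the list from the question, top to bottom with an implicit deny at the end. It assumes the documented IOS meaning of `_` (start of string, end of string, space, comma, brace or parenthesis); the function names are hypothetical and the AS paths are constructed sample values.

```python
import re

# Cisco IOS AS-path regex: "_" matches the start of the string, the end of
# the string, a space, a comma, or a brace/parenthesis (AS-set and
# confederation delimiters). Assumption: no other IOS-specific syntax is used.
UNDERSCORE = r"(?:^|$|[ ,{}()])"

def ios_to_python(pattern):
    """Translate an IOS AS-path regex into an equivalent Python regex."""
    return pattern.replace("_", UNDERSCORE)

def acl_decision(acl, as_path):
    """Walk the entries in order; first match wins, no match is an implicit deny."""
    for action, pattern in acl:
        if re.search(ios_to_python(pattern), as_path):
            return action, pattern
    return "deny", "(implicit)"

# The list from the question.
ACL_10 = [("permit", "_2005_"), ("permit", "_2006_"), ("permit", "_2009")]

# Constructed AS paths as they would appear in "show ip bgp" (leftmost AS is
# the neighbor, rightmost is the originator; "" is a locally originated route).
SAMPLE_PATHS = [
    "2005",           # 2005 is the only AS in the path
    "100 2005 300",   # 2005 in the middle
    "100 2006",       # 2006 is the origin
    "2009 400",       # 2009 is the neighbor AS
    "100 20091",      # a different AS whose number starts with 2009
    "100 12005 300",  # a different AS whose number ends with 2005
    "100 300",        # none of the listed ASes
    "",               # locally originated
]

if __name__ == "__main__":
    for path in SAMPLE_PATHS:
        action, pattern = acl_decision(ACL_10, path)
        print(f"{path!r:18} -> {action:6} by {pattern}")
```

The `100 20091` row is the one to watch when the list is used as a route filter: without a trailing `_` or `$`, `_2009` also permits any AS number that begins with 2009.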