Solved: AS-path filter question

Ciderza99 · ‎01-23-2017

We are directly connected AS 1. We would like to allow AS 1 and directly connected AS in as well as networks originated in 2 with its directly connected AS. We peer with 1 and 1 peers with us and 2.

Will the below work?

ip as-path access-list 13 permit ^1_[0-9]*$

ip as-path access-list 13 permit ^1_2_[0-9]*$

Leonardo Gama · ‎01-24-2017

Hi,

Very interesting.

I tested it successfully on a route-server (it is not a recent version though).

Could you please test this one?

ip as-path access-list 13 permit ^(1)(_\1)*_([0-9]*)(_\1)*$

ip as-path access-list 13 permit ^(1)(_\1)*_(2)(_\1)*_([0-9]*)(_\1)*$

If it is not really supported, you will have to go with your original configuration.

Cheers.

View solution in original post

Leonardo Gama · ‎01-23-2017

Hello,

Yes, but there is a problem.

It will not permit as-path prepend...

I think this is a better option:

ip as-path access-list 13 permit ^(1)(_\1)+_([0-9]*)(_\1)+$

ip as-path access-list 13 permit ^(1)(_\1)+_(2)(_\1)+_([0-9]*)(_\1)+$

Cheers.

Ciderza99 · ‎01-24-2017

Hi Leonardo,

I have tested this in VIRL on 15.6(2)T and receive "invalid back reference when trying to create these two ones you supplied.

Leonardo Gama · ‎01-24-2017

Hi,

Very interesting.

I tested it successfully on a route-server (it is not a recent version though).

Could you please test this one?

ip as-path access-list 13 permit ^(1)(_\1)*_([0-9]*)(_\1)*$

ip as-path access-list 13 permit ^(1)(_\1)*_(2)(_\1)*_([0-9]*)(_\1)*$

If it is not really supported, you will have to go with your original configuration.

Cheers.

Ciderza99 · ‎01-24-2017

Same issue.

We will go with the first configuration. I will try and test your example on version 12.

Thanks for your help and replies.