Solved: BGP regex query

mukundh86 · ‎04-17-2012

Hello all,

I have two routers- R1 and R2 and iam running bgp between them for testing the feature of path prepending. R1 is in AS 65534 and R2 is in AS 65533. R1 has the 10.0.0.0/24 network and advertising it to R2 via BGP.

Here is BGP related configs in R1 and R2

R1

router bgp 65534

no synchronization

bgp log-neighbor-changes

network 10.0.0.0 mask 255.255.255.0

neighbor 192.168.19.1 remote-as 65533

neighbor 192.168.19.1 soft-reconfiguration inbound

neighbor 192.168.19.1 route-map prep out

no auto-summary

ip route 10.0.0.0 255.255.255.0 Null0

ip prefix-list prep seq 10 permit 10.0.0.0/24

route-map prep permit 10

match ip address prefix-list prep

set as-path prepend 65534 65534 65534 65534 65534

R2

router bgp 65533

no synchronization

bgp log-neighbor-changes

neighbor 192.168.19.2 remote-as 65534

neighbor 192.168.19.2 soft-reconfiguration inbound

neighbor 192.168.19.2 prefix-list test in

neighbor 192.168.19.2 filter-list 60 in

no auto-summary

ip as-path access-list 60 permit _65534$

Everything works perfectly with filter-list 60. I am just curious to know if there is any other regex expression we can use in filter list 60. In this case even if we advertise 10.0.0.0/24 from R1 with any random number in As path , it will show up in the BGP route list on R2 , if the advertisement ends with 65534, something like 100 200 300 65534.

I actually donot want this to happen ( have no reason actually why I don't). Is there a regex expression which will specify advertisement to only start with 65534, have one or more occurances of only 65534 and also end with 65534. I tried various regex expressions but no success.

Thanks

Mukundh

Peter Paluch · ‎04-17-2012

Hello Mukundh,

Is there a regex expression which will specify advertisement to only  start with 65534, have one or more occurances of only 65534 and also end  with 65534

Certainly. One of them can be

^(65534_)*65534$

By the way, I see you have the soft-reconfiguration inbound configured. Please remove that configuration until you absolutely know that you need it. The soft-reconfiguration was a hack around the former inability of BGP to request a retransission of the BGP database based on keeping both filtered and unfiltered database at the receiver. However, all respectable BGP implementations today support the Route Refresh capability automatically, and it is not necessary to configure any specific command to get it working. With routers supporting Route Refresh capability, the soft-reconfig is actually a bad thing to do - you just spend more RAM without gaining any additional functionality.

Best regards,

Peter

View solution in original post

Peter Paluch · ‎04-17-2012

Hello Mukundh,

The _ symbol represents the fictious "space" between two elements of the AS_PATH. In binary format, the AS_PATH has no spaces or underscores but rather, it consists of two lists - AS_SEQUENCE (ordered) and AS_SET (unordered; mostly used with aggregation), and each of these lists contains a variable number of elements - the AS numbers. However, in text regexp representation, we have to somehow tell the router that the particular AS number is complete and that the subsequent digits represent another AS number. That is the reason for the _ symbol.

Imagine the AS_PATH contained the following sequence of AS numbers: 1,2,3,4. The corresponding regex would be ^1_2_3_4$. Notice that there is no _ used as the starting or trailing symbol here, because we have specified the entire AS_PATH from the beginning to end (because of ^ and $ symbols), and the AS_PATH in its entirety can not start or finish with a space between two of its elements - rather, it starts and ends with a particular AS number.

There are regexps like

_5$ - the last AS is 5, and the 5 is a complete AS number

^1_2_ - the first two AS numbers are 1 and 2, and the AS_PATH then contains more elements

where it is allowed to have the regexp start or end with a _ symbol, but in those cases, it is not a complete specificatio of the entire AS_PATH.

Your regexp ^65534_(65534)+_$ means: The AS_PATH must start with AS number 65534, then the next single AS number must consist of at least one group of numbers "65534" (i.e. 65534, 6553465534, 655346553465534, etc.), then there must be a space between another element, and then comes the end of the AS_PAth without any more actual AS numbers. Clearly, this can't work.

My regexp ^(65534_)*65534$ states that the AS_PATH can begin with an arbitrary (including zero) number of AS numbers 65534, clearly each of them requiring a separating space from the subsequent element in the AS_PATH, and then it must end with AS number 65534.

Does this help a little? I admit I am writing this in a kind of hurry.

Best regards,

Peter

View solution in original post

Peter Paluch · ‎04-18-2012

Hi Mukundh,

Oh, I see. Well, the ^$ means an empty AS_PATH, or in other words, a network originated from within our own AS. However, the _$ is a nonsense - there is no meaning behind such regexp in terms of AS_PATH values.

Best regards,

Peter

View solution in original post

Peter Paluch · ‎04-17-2012

Hello Mukundh,

Is there a regex expression which will specify advertisement to only  start with 65534, have one or more occurances of only 65534 and also end  with 65534

Certainly. One of them can be

^(65534_)*65534$

By the way, I see you have the soft-reconfiguration inbound configured. Please remove that configuration until you absolutely know that you need it. The soft-reconfiguration was a hack around the former inability of BGP to request a retransission of the BGP database based on keeping both filtered and unfiltered database at the receiver. However, all respectable BGP implementations today support the Route Refresh capability automatically, and it is not necessary to configure any specific command to get it working. With routers supporting Route Refresh capability, the soft-reconfig is actually a bad thing to do - you just spend more RAM without gaining any additional functionality.

Best regards,

Peter

mukundh86 · ‎04-17-2012

Thanks Peter. It works with the regex you gave. Also thanks on the tip for soft reconfiguration and I have removed it.

Can you let me know a method how to figure out the right regex to use. I came up with 65534$ only after sometime. I tried a few regexes without success like

^65534_(65534)+_$

I am not sure how to use _ keyword.

Thanks

Mukundh

Peter Paluch · ‎04-17-2012

Hello Mukundh,

The _ symbol represents the fictious "space" between two elements of the AS_PATH. In binary format, the AS_PATH has no spaces or underscores but rather, it consists of two lists - AS_SEQUENCE (ordered) and AS_SET (unordered; mostly used with aggregation), and each of these lists contains a variable number of elements - the AS numbers. However, in text regexp representation, we have to somehow tell the router that the particular AS number is complete and that the subsequent digits represent another AS number. That is the reason for the _ symbol.

Imagine the AS_PATH contained the following sequence of AS numbers: 1,2,3,4. The corresponding regex would be ^1_2_3_4$. Notice that there is no _ used as the starting or trailing symbol here, because we have specified the entire AS_PATH from the beginning to end (because of ^ and $ symbols), and the AS_PATH in its entirety can not start or finish with a space between two of its elements - rather, it starts and ends with a particular AS number.

There are regexps like

_5$ - the last AS is 5, and the 5 is a complete AS number

^1_2_ - the first two AS numbers are 1 and 2, and the AS_PATH then contains more elements

where it is allowed to have the regexp start or end with a _ symbol, but in those cases, it is not a complete specificatio of the entire AS_PATH.

Your regexp ^65534_(65534)+_$ means: The AS_PATH must start with AS number 65534, then the next single AS number must consist of at least one group of numbers "65534" (i.e. 65534, 6553465534, 655346553465534, etc.), then there must be a space between another element, and then comes the end of the AS_PAth without any more actual AS numbers. Clearly, this can't work.

My regexp ^(65534_)*65534$ states that the AS_PATH can begin with an arbitrary (including zero) number of AS numbers 65534, clearly each of them requiring a separating space from the subsequent element in the AS_PATH, and then it must end with AS number 65534.

Does this help a little? I admit I am writing this in a kind of hurry.

Best regards,

Peter

mukundh86 · ‎04-17-2012

Hi Peter,

Actually it helped a lot . Beautifully explained and it has cleared my doubts on regexes.

Thanks a million

Mukundh

mukundh86 · ‎04-18-2012

I have just one more question. Can you let me know what _$ means and where this kind of regex is used?

Peter Paluch · ‎04-18-2012

Hello Mukundh,

I have to admit that I am not sure at all about this one. Have you seen that in any document? What context was it used in?

Best regards,

Peter

mukundh86 · ‎04-18-2012

Hi Peter,

I myself didn't spot it anywhere. I saw about ^$ which means a null AS path and just thought what could _$ mean.

But i guess that if it is not used anywhere, it doesn't matter.

Thanks

Mukundh

Peter Paluch · ‎04-18-2012

Hi Mukundh,

Oh, I see. Well, the ^$ means an empty AS_PATH, or in other words, a network originated from within our own AS. However, the _$ is a nonsense - there is no meaning behind such regexp in terms of AS_PATH values.

Best regards,

Peter

mukundh86 · ‎04-18-2012

Thank you.

Peter Paluch · ‎04-18-2012

Hi Mukundh,

It's a pleasure. Anytime. Thank you very much for your generous ratings!

Best regards,

Peter