08-15-2008 07:26 AM - edited 03-03-2019 11:09 PM
I'm in the process of building a config to multihome my organization to AS4323 and AS7018. I'm looking for tips and config examples to prevent transit to our routers between the two provider AS's.
Can anyone share any specific examples using regular expressions to do this?
Thanks in advance.
/rls
08-15-2008 07:48 AM
Here is some good reading on AS Regular Expressions:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00800c95bb.shtml#asregexp
What you need to do is match the as-path list from traffic that matches the start of the AS_PATH, for instance AS 7018, and block that traffic from going to the neighbor in AS 4323.
You need to do the same on the AS 7018 neighbor for traffic coming from AS 4323.
HTH,
__
Edison.
08-15-2008 08:41 AM
rls
There is a very simple AS path list which will accomplish what you want:
ip as-path access-list 1 permit ^$
Use this AS path list to filter outbound to the external peers. It will permit only prefixes which originate in your AS and will not permit any transit traffic.
The logic behind it is this:
^$ permits only an empty AS path (has no AS in the path). At the point where the filter is applied your advertisements do not yet have your AS in them, so your prefixes are empty and any prefix received from any external peer will have some content in the AS path. So this AS path list is the easy way to be sure that you do not become transit.
HTH
Rick
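How the AS path list from the reply above could be applied outbound to both providers, as an added example that is not part of the original thread. The local AS number 64512 and the neighbor addresses 192.0.2.1 and 198.51.100.1 are placeholders assumed for illustration; substitute your own.

```cisco
! Added example: local AS and neighbor addresses are placeholders.
!
! Permit only routes with an empty AS path (locally originated).
! The implicit deny at the end of the list drops everything else,
! including routes learned from the other provider.
ip as-path access-list 1 permit ^$
!
router bgp 64512
 ! Provider 1 (AS4323)
 neighbor 192.0.2.1 remote-as 4323
 neighbor 192.0.2.1 filter-list 1 out
 ! Provider 2 (AS7018)
 neighbor 198.51.100.1 remote-as 7018
 neighbor 198.51.100.1 filter-list 1 out
!
! --- Exec-mode checks after applying the filter ---
! Re-send outbound updates under the new policy without resetting sessions:
!   clear ip bgp * soft out
! Routes in the BGP table that the list would permit:
!   show ip bgp filter-list 1
! What is actually being advertised to each provider; every entry
! should show an empty path, with no 4323 or 7018 in it:
!   show ip bgp neighbors 192.0.2.1 advertised-routes
!   show ip bgp neighbors 198.51.100.1 advertised-routes
```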