filter on one community only

RonTrunk · ‎06-03-2020

Can I filter routes based on the presence of one community and not others?

For example, I want to accept a route if it has 123:123, but not if it has any additional communities, eg: 123:123, 456:456

tkarnani · ‎06-03-2020

Hi Yes,

this should be possible with a community set.

https://www.cisco.com/c/en/us/td/docs/routers/crs/software/crs_r4-1/routing/command/reference/b_routing_cr41crs/b_routing_cr41crs_chapter_01000.html

once you build your community set, you can refer it in your route-policy.

or you can use the if community matches and use the exact community or a regex .

examples are in the link above

Thanks

RonTrunk · ‎06-03-2020

A regex does not work. for example:

route-policy ALLOW_SINGLE_COMM
  if community matches-every (ios-regex '^123:123$') then
    pass
  else
    drop
  endif
end-policy

Still allows prefixes with multiple communities

smilstea · ‎06-03-2020

There are multiple ways to arrange this, one is to look for the allowed community first and then look for the disallowed communities second, drop inside the second if, then after we close that if statement take an action based on the first if having passed already.

route-policy TEST
    if community matches-any (100:100) then
     if community matches-any (200:200, 300:300) then
      drop
     endif
     set community (500:500) additive
    endif
end-policy

Another option would be to reverse this and drop if we find the excluded communities first and then a second non-nested if state to look for the allowed community and take an action.

route-policy TEST
    if community matches-any (200:200, 300:300) then
     drop
    endif
    if community matches-any (100:100) then
     set community (500:500) additive
    endif
end-policy

Sam