[c-nsp] BGP Regex to allow ISP customers

Brandon Ewing nicotine at warningg.com
Mon Oct 17 17:44:42 EDT 2016


On Mon, Oct 17, 2016 at 08:14:07PM +0000, Nick Cutting wrote:
> If 55 and 56 are Customer AS's connected to AS 100 (our ISP)
> need to allow:
> 
> 100 55 i
> 100 56 i
> 
> Or 100 55 55 55 I (to allow for prepending)
> 
> But NOT
> 
> 100 55 something else
> 
> Is this possible?
> Any help greatly appreciated.
> 
> Nick

This should be accomplishable with the following quoted regexp:

"_100_((55|56)(_)?)+$"

It may catch an edge case where it would pass "100 55 56", but would allow
for prepending. I've never screwed with backreferencing on routers, but that
might work as well if you just try to match the backreferenced section zero
or more times instead of the grouping one or more times.

Please note that getting a literal "?" on the Cisco CLI can be accomplished
with the sequence ctrl+v ?

Also note that if you *ARE* ASN 100, you will not see _100_ in your BGP
RIB, as your ASN is only prepended when advertising the route to an external
ASN.  In that case, you can just match for client ASNs:

"_((55|56)(_)?)+$"

-- 
Brandon Ewing                                     (nicotine at warningg.com)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20161017/96b3e506/attachment.sig>


More information about the cisco-nsp mailing list