[j-nsp] Need help with stripping of BGP communities

Alexander Shikoff minotaur at crete.org.ua
Tue Oct 6 13:52:05 EDT 2009


Hello All,

I have M10i router and need to strip BGP communities that don't match regex 
pattern.

I've configured BGP community:
[edit policy-options]
minotaur at br1-gdr.ki# show community Prohibited 
invert-match;
members "^((9002)|(21011)|(13228)):([0-5])$";

Then I've created policy-statement and applied it to neighbour's import:
[edit]
minotaur at br1-gdr.ki# show policy-options policy-statement from-Downstream 
then {
    community delete Prohibited;
    next policy;
}

[edit]
minotaur at br1-gdr.ki# show protocols bgp group Downlinks-Default-Only neighbor 91.200.195.18 
description "Downlink: UOS";
import [ from-Downstream from-UOS ];
peer-as 42546;

But communities that don't match "^((9002)|(21011)|(13228)):([0-5])$" are
still associated with prefixes that I receive from downstream:

* 91.202.39.0/24 (2 entries, 1 announced)
     Accepted
     Nexthop: 91.200.195.18
     AS path: 42546 42546 42546 42546 44532 44532 I
     AS path: Recorded
     Communities: 65535:1111 65535:9002

To my shame I cannot find an error in configuration... 
Any help will be heartly appreciated. Thanks.

-- 
MINO-RIPE


More information about the juniper-nsp mailing list