North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: BGP Path Filtering

  • From: Niaz, Wajahat
  • Date: Thu May 15 23:20:44 2003

You should start using communities if you want to provide transit to
downstream bgp customers. Use the right tool for the right job.

Ali,
DSL.net, Inc.


-----Original Message-----
From: Mark Radabaugh [mailto:mark@amplex.net] 
Sent: Thursday, May 15, 2003 10:29 PM
To: nanog@merit.edu
Subject: BGP Path Filtering


I'm having a hard time finding best practices for filtering outbound bgp
announcements when providing transit to bgp-speaking customers.  While we
currently multi-home to several providers it appears we will soon need to
provide transit for customers with their own AS's.

I find lots of references (and understand) the basic

ip as-path access-list 3 permit ^$

and it would seem that should we wish to provide transit for a bgp customer
AS12345 we would use:

ip as-path access-list 3 permit ^12345$

but I think this breaks if AS12345 prepends their advertisement.

Next up is:

ip as-path access-list 3 permit ^12345_[0-9]$*

Which seems correct to me.   Is this still best practice (or even correct)?

Mark Radabaugh
Amplex
(419) 720-3635