...
| Property | Type | Description |
|---|---|---|
| Numeric properties | ||
| dst-len | Destination prefix length | |
| bgp-path-len | The current length of the BGP AS-PATH | |
| bgp-input-local-as | AS number of the local peer to which the prefix was sent | |
| bgp-input-remote-as | AS number of the remote peer from which the prefix was received | |
| bgp-output-local-as | AS number of the peer that will advertise the prefix | |
| bgp-output-remote-as | AS number of the peer to which the prefix will be advertised | |
| ospf-metric | Current OSPF metric | |
| ospf-tag | Current OSPF tag | |
| rip-metric | Current RIP metric | |
| rip-tag | Current RIP tag | |
| Flag properties | ||
| active | indicates whether the route is active | |
| bgp-atomic-aggregate | ||
| bgp-communities-empty | indicates if the BGP Communities attribute is empty | |
| bgp-ext-communities-empty | indicates if the BGP Extended Communities attribute is empty | |
| bgp-large-communities-empty | indicates if the BGP Large Communities attribute is empty | |
| bgp-network | Indicates if the prefix is originated from BGP networks | |
| ospf-dn | Indicates if the OSPF route has DN bit set. | |
| Prefix properties | ||
| dst | Destination | |
| ospf-fwd | Current OSPF forwarding address | |
| bgp-input-local-addr | The IP address of the local peer to which the prefix was sent | |
| bgp-input-remote-addr | The IP address of the remote peer from which the prefix was received | |
| bgp-output-local-addr | The IP address of the peer that will advertise the prefix | |
| bgp-output-remote-addr | The IP address of the peer to which the prefix will be advertised | |
| Other Properties | ||
| afi | ipv4 | ipv6 | l2vpn | l2vpn-cisco | vpnv4 | vpnv6 | The address family of the route. |
| bgp-as-path | numeric_regexp | AS path matchermatching, read more>> |
| chain | chain_name | |
| ospf-type | ext1 | ext2 | inter | intra | nssa1 | nssa2 | Type of the OSPF route:
|
| protocol | bgp | connected | dhcp | fantasy | modem | ospf | rip | static | vpn | Protocol type from which the route was imported. |
| rpki | invalid | unknown | valid | RPKI validation status of the prefix |
| rtab | routing_table_name | Name of the routing table the route was imported from |
| vrf | vrf_name | Name of the VRF the route was imported from |
...
| Operator | Description |
|---|---|
| find | Check if provided substring is the part of the property value |
| regexp | Match string regexp of the property value |
AS-PATH Regexp Matching
AS Path is the sequence of autonomous system numbers (ASNs), for example AS Path 123 456 789 would indicate, that route originated from AS with number 123, and to reach the destination, the packet would need to travel through two autonomous systems: 456 and 789. To apply specific routing policies administrator might want to match specific AS numbers or set of numbers in the AS Path (for example, reject prefixes that travel through AS 456), which can be achieved using regular expression (regexp).
There are two common ways how to operate with AS Path data:
- convert whole AS path to string and let regexp operate on the string (ROS v6 or Cisco style)
- let regexp operate on each entry in the AS path as a number (ROS v7, Juniper style)
The latter method is much faster and less resource-intensive than the string matching approach.
| Code Block | ||||
|---|---|---|---|---|
| ||||
[matcher] (all can be prefixed with 'not' to negate
bgp-communities|bgp-communities-ext|bgp-communities-large
equal|any|includes|subset
{inline set}
equal-set|any-set|includes-set|subset-set
{set name}
any-regexp|subset-regexp
{regexp}
comment
text|find|regexp
{string}
chain
{chain name}
vrf
{vrf}
rtab
{rtab}
gw-interface
{interface}
gw-check
none|arp|icmp|bfd|bfd-mh
afi
ipv4|ipv6|l2vpn|l2vpn-cisco|vpnv4|vpnv6
,...
protocol
connected|static|bgp|ospf|rip|dhcp|fantasy|modem|vpn
,...
bpg-origin
igp|egp|incomplete
,...
bgp-as-path
{regexp}
rpki
valid|invalid|unknown
ospf-type
intra|inter|ext1|ext2|nssa1|nssa2
ospf-ext-type
type1|type2
[num prop readable]
in
{int..int}|{int-int}
==|!=|<=|>=|<|>
{int}
[num prop readable]
[prfx prop readable]
!=|==|in
{address 46/}
[flag prop readable]
[block]
if ([matcher] &&/|| ...) { [block] } [ else {[block]} ]
accept|reject|return
jump {chain name}
unset
pref-src|bgp-med|bgp-out-med|bgp-local-pref
append
comment
{string}
bgp-communities|bgp-communities-ext|bgp-communities-large
{inline community set}|{set name}
filter
bgp-communities|bgp-communities-ext|bgp-communities-large
regexp
{regexp}
{inline community set}|{set name}
delete
bgp-communities
regexp
{regexp}
{inline community set}|{set name}
wk|other
,...
bgp-communities-ext
regexp
{regexp}
{inline community set}|{set name}
rt|soo|other
,...
bgp-communities-large
regexp
{regexp}
{inline community set}|{set name}
all
set
[num prop writable]
[+|-][num prop readable]|[num prop writable]
gw
{address 46i}
gw-interface
{interface}
gw-check
none|arp|icmp|bfd|bfd-mh
pref-src
{address 46}
bgp-origin
igp|egp|incomplete
ospf-ext-fwd
{address 46}
ospf-ext-type
type1|type2
comment
{string}
bgp-communities
{inline community set}|{set name}
bgp-communities-ext
{inline community set}|{set name}
bgp-communities-large
{inline community set}|{set name}
rpki-verify
{rpki group name}
|
...