show route all filter ...

Ondrej Zajicek santiago at crfreenet.org
Tue Sep 2 13:43:49 CEST 2014


On Thu, Aug 28, 2014 at 12:47:24PM +0200, Alexander Demenshin wrote:
> On 2014-08-28 11:12, Mikhail A. Grishin wrote:
> 
> >We use special command (see below) to view information regarding
> >prefixes containing particular BGP communities.
> 
> You should add "reject" clause:
> 
>   show route all filter {if (0,48642) ~ bgp_community then accept; else
> reject; } table master

Yes, there is no implicit default action, filter should explicitly either
reject or accept routes. You could also use shorthand:

  show route where (0,48642) ~ bgp_community

which is equivalent to:

  show route filter {if (0,48642) ~ bgp_community then accept; else reject; }

> to avoid this warning.
> 
> Once I did this mistake and got more than 2 millions (!) of log file
> entries, and bird was blocked for ca. 20 seconds...
> 
> It would be nice to rate limit repeating messages to avoid such problems, or
> to implement default filter action.

It definitely should be rate limited. All other filter errors are rate
limited, this one i missed.

-- 
Elen sila lumenn' omentielvo

Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20140902/7f661ed1/attachment.asc>


More information about the Bird-users mailing list