Import filter on 2nd ASN in AS path?

Alexander Zubkov green at qrator.net
Tue Mar 26 10:34:39 CET 2019


Hi,

You can try to delete AS-TRANSIT from the path and get first.
Something like (this is just a sketch):

delete(bgp_path, AS-TRANSIT).first ~ BOGON_ASNS

On Mon, Mar 25, 2019 at 9:50 PM Robert Scheck <bird at robert-scheck.de> wrote:
>
> Hello folks,
>
> can I somehow import filter only on the 2nd AS number in the AS path? I
> know with the snippet below (heavily inspired by bgpfilterguide.nlnog.net),
> I can filter on AS numbers that appear somewhere in the AS path, however
> this import filter catches by nature also some pseudo-legitimate networks.
>
> define BOGON_ASNS = [ 0, 23456, 64496..64511, 64512..65534, 65535, 65536..65551, 65552..131071, 4200000000..4294967294, 4294967295 ];
>
> if (bgp_path ~ BOGON_ASNS) then {
>   print "Detected bogon AS path: ", net, " ", bgp_path, ", (neighbour ", from, ")";
> }
>
> There are unfortunately some transits with broken export filters which e.g.
> export their DSL/FTTC and FTTH networks using private ASNs and I would like
> to explicitly filter these (example path: AS-TRANSIT AS-BOGON1 AS-BOGON2).
>
> The documentation has hints for first and last ASN in path, but this would
> catch in above example only AS-TRANSIT or AS-BOGON2, but not AS-BOGON1. Any
> pointers?
>
> Thank you.
>
>
> Regards,
>   Robert


More information about the Bird-users mailing list