And do you have import keep filtered; in your config? Maria On 4/20/20 11:19 AM, Fabiano D'Agostino wrote:
Hi, In my route server bird.conf I did this: define FILTERED_RPKI_INVALID = (1,1101,13);
filter filter_rpki{ if roa_check(..)=ROA_INVALID then {bgp_large_community.add(FILTERED_RPKI_INVALID);reject;} }
But when I do 'show route all filtered' I get nothing, I also tried with 'show route bgp_large_community ~ [(1,1101,13)]' and I have the same result. Because I would like to have some statistics about VALID/INVALID/UNKOWNÂ prefixes and I saw that I could use the 'show route stats' command.
Thanks,
Fabiano
Il giorno dom 19 apr 2020 alle ore 21:30 Alarig Le Lay <alarig@swordarmor.fr <mailto:alarig@swordarmor.fr>> ha scritto:
On Sun 19 Apr 2020 20:42:21 GMT, Fabiano D'Agostino wrote: > Thanks! > But can I also use birdc to check rejected prefixes?
If you add a community, it will be visible with `show route all filtered`
> Anyway why do you suggest to use bgp_path.last_noaggregated?
Because you don’t want to check ROA against another ASN in the aggregated path.
-- Alarig