Hi, We are trying to filter unwanted communities that our peering partners have forgot to remove in order not to send them to other peering parties. In order to do this we add the communities we want to a clist parameter, empty bgp_community, then add the clist back to bgp_community. The configuration is like this : function check_allow_communities() clist myc; { if ( (100,101) ~ bgp_community ) then { myc = add(myc, (100,101)); } if ( (100,102) ~ bgp_community ) then { myc = add(myc, (100,102)); } return myc; } function check_deny_communities() clist myc; { if ( (0,101) ~ bgp_community ) then { myc = add(myc, (0,101)); } if ( (0,102) ~ bgp_community ) then { myc = add(myc, (0,102)); } return myc; } filter bgp_in_100 pair set allow_communities; pair set deny_communities; { if ( is_martian() ) then { reject "Prefix filtered out by is_martian"; } else { allow_communities = check_allow_communities(); deny_communities = check_deny_communities(); bgp_community.empty; bgp_community.add((100,1000)); bgp_community.add((100,3000)); bgp_community.add(allow_communities); bgp_community.add(deny_communities); accept; } } The problem appears in the log fie : Jun 15 15:59:59 jls bird: filters, line 21: Can't add/delete to non-clist Jun 15 15:59:59 jls last message repeated 4 times Jun 15 15:59:59 jls bird: ... We are running BIRD 1.3.1 on FreeBSD 6.2. Can you please point me in the right direction ? Best Regards, Mihai Claudiu Capatina Managing Partner Vector Communications SRL Address : Aleea Cetatuia, Nr. 4, Bl. M22, Sc. 5, Et. 2, Ap. 276, Sect. 6, Bucuresti, 060834 Romania Phone: +40-729-087003 Fax: +40-318-146297 www.vector-communications.net
On Wed, Jun 15, 2011 at 04:09:13PM +0300, Mihai Claudiu Capatina wrote:
Hi,
We are trying to filter unwanted communities that our peering partners have forgot to remove in order not to send them to other peering parties. In order to do this we add the communities we want to a clist parameter, empty bgp_community, then add the clist back to bgp_community.
...
The problem appears in the log fie :
Jun 15 15:59:59 jls bird: filters, line 21: Can't add/delete to non-clist Jun 15 15:59:59 jls last message repeated 4 times Jun 15 15:59:59 jls bird: ...
We are running BIRD 1.3.1 on FreeBSD 6.2.
Can you please point me in the right direction ?
Which line in your config file is line 21? I am not sure what is a default value of local variable myc, perhaps you could init it using 'myc = - empty -;' (undocumented syntax for empty clist). One obvious problem is here: allow_communities = check_allow_communities(); Because allow_communities has a type pair set, but check_allow_communities returns clist) I thing that problem is that bgp_community.add cannot add clist, just a pair of pair set (but it is true that extending add operation to handle clist is natural). But even if bgp_community.add worked with clist, it probably wouldn't do what you wanted. The simplest way to remove unwanted communities is just: bgp_community.remove( [set of unwanted communities] )' -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
Hi, Line 21 is : if ( (100,101) ~ bgp_community ) then { myc = add(myc, (100,101)); } I tried defining allow_communities as a clist also but it did not work either. In the end i changed everything to bgp_community.delete ( <pair set > ), but we have a huge list of peers and the <pair set> to define them is huge and hard to maintain. Now i have a script in python to generate the <pair set> from a file containing the ASN of our peers. By the way, is there a way to call an external script from filters ? To be more explicit i would like to filter according to RIPE route objects. Best Regards, Mihai Claudiu Capatina Managing Partner Vector Communications SRL Address : Aleea Cetatuia, Nr. 4, Bl. M22, Sc. 5, Et. 2, Ap. 276, Sect. 6, Bucuresti, 060834 Romania Phone: +40-729-087003 Fax: +40-318-146297 www.vector-communications.net On Jun 16, 2011, at 3:11 PM, Ondrej Zajicek wrote:
On Wed, Jun 15, 2011 at 04:09:13PM +0300, Mihai Claudiu Capatina wrote:
Hi,
We are trying to filter unwanted communities that our peering partners have forgot to remove in order not to send them to other peering parties. In order to do this we add the communities we want to a clist parameter, empty bgp_community, then add the clist back to bgp_community.
...
The problem appears in the log fie :
Jun 15 15:59:59 jls bird: filters, line 21: Can't add/delete to non-clist Jun 15 15:59:59 jls last message repeated 4 times Jun 15 15:59:59 jls bird: ...
We are running BIRD 1.3.1 on FreeBSD 6.2.
Can you please point me in the right direction ?
Which line in your config file is line 21? I am not sure what is a default value of local variable myc, perhaps you could init it using 'myc = - empty -;' (undocumented syntax for empty clist).
One obvious problem is here:
allow_communities = check_allow_communities();
Because allow_communities has a type pair set, but check_allow_communities returns clist)
I thing that problem is that bgp_community.add cannot add clist, just a pair of pair set (but it is true that extending add operation to handle clist is natural).
But even if bgp_community.add worked with clist, it probably wouldn't do what you wanted.
The simplest way to remove unwanted communities is just:
bgp_community.remove( [set of unwanted communities] )'
-- Elen sila lumenn' omentielvo
Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
Am 16.06.11 14:37, schrieb Mihai Claudiu Capatina:
By the way, is there a way to call an external script from filters ? To be more explicit i would like to filter according to RIPE route objects.
The magic of bird filtering for me is, that it is very fast and intelligent implemented, so I don't see a need for an "external" script/interface. We directly build a filter config in bird syntax style out of the RADB macros. HTH, SJ -- Stefan Jakob e-mail: stefan.jakob@de-cix.net DE-CIX Management GmbH Phone: +49 69 1730 902-32 Lindleystr. 12, 60314 Frankfurt Mobile: +49 172 695 8467 Geschaeftsfuehrer Harald A. Summa Fax: +49 69 4056 2716 Registergericht AG Koeln, HRB 51135 http://www.de-cix.net
participants (3)
-
Mihai Claudiu Capatina -
Ondrej Zajicek -
Stefan Jakob