Deleting all extended communities
Hello, what is a right way to delete all extended communities ? bgp_ext_community.delete( [ (*,*,*) ] ); raises a syntax error. Thanks in advance! -- MINO-RIPE
On Fri, Nov 18, 2011 at 04:11:30PM +0200, Alexander Shikoff wrote:
Hello,
what is a right way to delete all extended communities ?
bgp_ext_community.delete( [ (*,*,*) ] ); raises a syntax error.
It is true that ext_community filter syntax is more limited that community filter syntax. So this is currently not possible. We should probably add support for (*,*,*) and (something,*,*). To delete all ext. comms, currently it is possible to use these undocumented expressions: bgp_ext_community = --empty--; or perhaps: bgp_ext_community.empty; BTW, why anyone wants to delete all (extended) communities? -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
On 19.11.2011 14:46, Ondrej Zajicek wrote:
On Fri, Nov 18, 2011 at 04:11:30PM +0200, Alexander Shikoff wrote:
Hello,
what is a right way to delete all extended communities ?
bgp_ext_community.delete( [ (*,*,*) ] ); raises a syntax error.
It is true that ext_community filter syntax is more limited that community filter syntax. So this is currently not possible. We should probably add support for (*,*,*) and (something,*,*).
To delete all ext. comms, currently it is possible to use these undocumented expressions:
bgp_ext_community = --empty--;
or perhaps:
bgp_ext_community.empty;
BTW, why anyone wants to delete all (extended) communities?
For example at route server - you may want to delete 'signaling'. :-)
On Sat, Nov 19, 2011 at 08:16:44PM +0100, Ondrej Filip wrote:
BTW, why anyone wants to delete all (extended) communities?
For example at route server - you may want to delete 'signaling'. :-)
It makes sense to remove communities used for signaling to the route server, but i don't see why remove all communities. I guess that other communities may be used to communicate arbitrary info of unknown semantics between (not necessary adjacent) ASes and it seems rude to just strip that. Or not? -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
Hello! On Sun, Nov 20, 2011 at 12:38:23AM +0100, Ondrej Zajicek wrote:
On Sat, Nov 19, 2011 at 08:16:44PM +0100, Ondrej Filip wrote:
BTW, why anyone wants to delete all (extended) communities?
For example at route server - you may want to delete 'signaling'. :-)
It makes sense to remove communities used for signaling to the route server, but i don't see why remove all communities.
I guess that other communities may be used to communicate arbitrary info of unknown semantics between (not necessary adjacent) ASes and it seems rude to just strip that. Or not? You're right. But some operators deliberately break RFCs and strip communities and ext. communities. It depends on their security policies and considerations (e.g. my downstream shall not manage its traffic with my upstreams' communities).
-- MINO-RIPE
participants (3)
-
Alexander Shikoff -
Ondrej Filip -
Ondrej Zajicek