In article <199709092102.RAA18271@Iodine.Mlink.NET>, Phillip Vandry <vandry@Mlink.NET> wrote:
Maybe that should be even more the standard practice. There is nothing to lose in allocating in the order .0, .128, .64, .192, .32, .96, .160, .224 instead of .0, .32, .64, .96, .128, .160, .192, .224.
Sounds similar to what was suggested in RFC 1219 over six years ago. -- Shields, CrossLink.
Ok, thanks to all the people who helped me out with my gated.conf problems. Although not exactly what I needed to know at the time, it did teach me a lot about what I was trying to do, and the rest came a little easier. One problem I'm having, is I've got several regular expression statemenst I'm trying to use to filter my routes to one of my upstream carriers. I had a t1 to this upstream to test out how much we liked their network, and now we're moving up to oc-3 to them. What we've done is purchased a GRF for this link, and run the ATM into it. I'd like to duplicate the as-path access-list for the oc-3. The Cisco config follows. ip as-path access-list 31 deny _3831_ ip as-path access-list 31 deny _701_ ip as-path access-list 31 deny _114_ ip as-path access-list 31 deny _6302_ ip as-path access-list 31 deny ^4259 .* ip as-path access-list 31 deny ^3817 .* ip as-path access-list 31 permit .* These do the job on my network, and I'm happy with them. On the GRF, I've done this to try and duplicate them: export proto bgp as 3831 { proto bgp aspath 3831 origin any { all restrict; }; proto bgp aspath 701 origin any { all restrict: }; proto bgp aspath 6302 origin any { all restrict: }; proto bgp aspath 4259 .* origin any { all restrict; }; proto bgp aspath 3817 .* origin any { all restrict; }; proto bgp aspath .* origin any { all }; }; Could someone please explain to me why this doesn't work? I'm at wits end. For some reason, I've gotten no response from the gated mailing list, and I really haven't had the time till now to check why. Any help would definitely be appreciated. Joe Shaw - jshaw@insync.net NetAdmin - Insync Internet Services #!/usr/bin/perl # Standard Disclaimer to keep Joe from getting in trouble again. print (" ***Disclaimer***\n"); print (" The opinions of Joe Shaw are not necessarily those of Insync\n"); print (" Internet Services or of any of it's other employees. If you\n"); print (" wish to quote me on anything, please feel free, but remove\n"); print (" Insync's name from it.\n"); "Learn more, and you will never starve." - Paraphrase of Lee On 9 Sep 1997, Michael Shields wrote:
In article <199709092102.RAA18271@Iodine.Mlink.NET>, Phillip Vandry <vandry@Mlink.NET> wrote:
Maybe that should be even more the standard practice. There is nothing to lose in allocating in the order .0, .128, .64, .192, .32, .96, .160, .224 instead of .0, .32, .64, .96, .128, .160, .192, .224.
Sounds similar to what was suggested in RFC 1219 over six years ago. -- Shields, CrossLink.
On Tue, 9 Sep 1997 18:02:57 -0500 (CDT) Joe Shaw <jshaw@insync.net> wrote:
Ok, thanks to all the people who helped me out with my gated.conf problems. Although not exactly what I needed to know at the time, it did teach me a lot about what I was trying to do, and the rest came a little easier. One problem I'm having, is I've got several regular expression statemenst I'm trying to use to filter my routes to one of my upstream carriers. I had a t1 to this upstream to test out how much we liked their network, and now we're moving up to oc-3 to them. What we've done is purchased a GRF for this link, and run the ATM into it. I'd like to duplicate the as-path access-list for the oc-3. The Cisco config follows.
ip as-path access-list 31 deny _3831_ ip as-path access-list 31 deny _701_ ip as-path access-list 31 deny _114_ ip as-path access-list 31 deny _6302_ ip as-path access-list 31 deny ^4259 .* ip as-path access-list 31 deny ^3817 .* ip as-path access-list 31 permit .*
These do the job on my network, and I'm happy with them. On the GRF, I've done this to try and duplicate them:
OK Change this to: export proto bgp as 3831 { proto bgp aspath .* origin any { all; }; proto bgp aspath 3831 origin any restrict; proto bgp aspath 701 origin any restrict; proto bgp aspath 6302 origin any restrict; proto bgp aspath 4259 * origin any restrict; proto bgp aspath 3817 * origin any restrict; } I think this is correct, but if it isn't working I'd move the the top clause to the bottom and put the others above [order is important, but the order isn't _yet_ documented] You should have a look at filter declations such as this below: define filter "AS-3831" { proto bgp aspath .* origin any { all; }; proto bgp aspath 3831 origin any restrict; proto bgp aspath 701 origin any restrict; proto bgp aspath 6302 origin any restrict; proto bgp aspath 4259 * origin any restrict; proto bgp aspath 3817 * origin any restrict; }; Then do: export proto bgp as 6453 "AS-3831"; Note that I've not tried doing the above, but it should work, it means you can %include filters and makes your gated.conf files much easier to read. Hope this helps, Neil -- Neil J. McRae. Alive and Kicking. Domino: In the glow of the night. neil@DOMINO.ORG NetBSD/sparc: 100% SpF (Solaris protection Factor) Free the daemon in your <A HREF="http://www.NetBSD.ORG/">computer!</A>
Thank you very much for the help. Gated has been driving me crazy, and I do not like the gated.conf examples (and lack thereof) on any of the sites I've looked have helped me more than the people I've talked with about it in the last two days. Thanks, Joe Shaw - jshaw@insync.net NetAdmin - Insync Internet Services #!/usr/bin/perl # Standard Disclaimer to keep Joe from getting in trouble again. print (" ***Disclaimer***\n"); print (" The opinions of Joe Shaw are not necessarily those of Insync\n"); print (" Internet Services or of any of it's other employees. If you\n"); print (" wish to quote me on anything, please feel free, but remove\n"); print (" Insync's name from it.\n"); "Learn more, and you will never starve." - Paraphrase of Lee On Wed, 10 Sep 1997, Neil J. McRae wrote:
On Tue, 9 Sep 1997 18:02:57 -0500 (CDT) Joe Shaw <jshaw@insync.net> wrote:
Ok, thanks to all the people who helped me out with my gated.conf problems. Although not exactly what I needed to know at the time, it did teach me a lot about what I was trying to do, and the rest came a little easier. One problem I'm having, is I've got several regular expression statemenst I'm trying to use to filter my routes to one of my upstream carriers. I had a t1 to this upstream to test out how much we liked their network, and now we're moving up to oc-3 to them. What we've done is purchased a GRF for this link, and run the ATM into it. I'd like to duplicate the as-path access-list for the oc-3. The Cisco config follows.
ip as-path access-list 31 deny _3831_ ip as-path access-list 31 deny _701_ ip as-path access-list 31 deny _114_ ip as-path access-list 31 deny _6302_ ip as-path access-list 31 deny ^4259 .* ip as-path access-list 31 deny ^3817 .* ip as-path access-list 31 permit .*
These do the job on my network, and I'm happy with them. On the GRF, I've done this to try and duplicate them:
OK Change this to:
export proto bgp as 3831 { proto bgp aspath .* origin any { all; }; proto bgp aspath 3831 origin any restrict; proto bgp aspath 701 origin any restrict; proto bgp aspath 6302 origin any restrict; proto bgp aspath 4259 * origin any restrict; proto bgp aspath 3817 * origin any restrict; }
I think this is correct, but if it isn't working I'd move the the top clause to the bottom and put the others above [order is important, but the order isn't _yet_ documented] You should have a look at filter declations such as this below:
define filter "AS-3831" { proto bgp aspath .* origin any { all; }; proto bgp aspath 3831 origin any restrict; proto bgp aspath 701 origin any restrict; proto bgp aspath 6302 origin any restrict; proto bgp aspath 4259 * origin any restrict; proto bgp aspath 3817 * origin any restrict; };
Then do:
export proto bgp as 6453 "AS-3831";
Note that I've not tried doing the above, but it should work, it means you can %include filters and makes your gated.conf files much easier to read.
Hope this helps,
Neil -- Neil J. McRae. Alive and Kicking. Domino: In the glow of the night. neil@DOMINO.ORG NetBSD/sparc: 100% SpF (Solaris protection Factor) Free the daemon in your <A HREF="http://www.NetBSD.ORG/">computer!</A>
Neil J. McRae writes: ...
OK Change this to:
export proto bgp as 3831 { proto bgp aspath .* origin any { all; }; proto bgp aspath 3831 origin any restrict; proto bgp aspath 701 origin any restrict; proto bgp aspath 6302 origin any restrict; proto bgp aspath 4259 * origin any restrict; proto bgp aspath 3817 * origin any restrict; }
I think this is correct, but if it isn't working I'd move the the top clause to the bottom and put the others above [order is important, but the order isn't _yet_ documented]
They're matched sequentially, so the ".*" filter should be moved to the bottom, otherwise all the "restrict" filters will have no effect.
You should have a look at filter declations such as this below:
define filter "AS-3831" { ...[make sure the ".*" is the last one]... };
Then do:
export proto bgp as 6453 "AS-3831";
Note that I've not tried doing the above, but it should work, it means you can %include filters and makes your gated.conf files much easier to read.
If you use the named filter multiple times, it also reduces the size of the running image somewhat and reduces parse time at startup and reconfig (vis-a-vis using %include in several places or just writing out the filter multiple times). (This really should be on the gated-people or ascend-grf mailing list, oh well.) Regards, --John -- John G. Scudder email: jgs@ieng.com Internet Engineering Group, LLC phone: (313) 213-4939 ext 14 122 S. Main, Suite 280 fax: (313) 669-8661 Ann Arbor, MI 48104 www: http://www.ieng.com
On Wed, 10 Sep 1997 11:44:31 -0400 (EDT) "John G. Scudder" <jgs@ieng.com> wrote:
They're matched sequentially, so the ".*" filter should be moved to the bottom, otherwise all the "restrict" filters will have no effect.
OK cool. Does the IENG sell gated? I desperately need a copy for a single PC that i have [i run a largish backbone of GRF's] and communities and prepend is something that I really really am desperate for. Thanks, neil -- Neil J. McRae. Alive and Kicking. Domino: In the glow of the night. neil@DOMINO.ORG NetBSD/sparc: 100% SpF (Solaris protection Factor) Free the daemon in your <A HREF="http://www.NetBSD.ORG/">computer!</A>
participants (4)
-
Joe Shaw -
John G. Scudder -
Neil J. McRae -
shields@crosslink.net