The ip as-path-filter command adds an AS_Path filter entry.
The undo ip as-path-filter command deletes the specified AS_Path filter.
By default, no AS_Path filter is configured.
ip as-path-filter { as-path-filter-number | as-path-filter-name } { deny | permit } regular-expression
undo ip as-path-filter { as-path-filter-number | as-path-filter-name } [ { deny | permit } regular-expression ]
| Parameter | Description | Value |
|---|---|---|
| as-path-filter-number | Specifies the number of the AS_Path filter. | It is an integer that ranges from 1 to 256. |
| as-path-filter-name | Specifies the name of the AS_Path filter. | The name is a string of 1 to 51 case-sensitive characters
without any spaces. The string cannot be all numbers. NOTE:
When double quotation marks are used around the string, spaces are
allowed in the string. |
| deny | Specifies the matching mode of the AS_Path filter to Deny. | - |
| permit | Specifies the matching mode of the AS_Path filter to Permit. | - |
| regular-expression | Specifies AS_Path regular expression. | The name is a string of 1 to 255 characters. |
Usage Scenario
An AS_Path filter uses the regular expression to define matching rules. After an AS_Path filter is set, the RM module immediately instructs each protocol to apply the filter by default.
The AS_Path attribute is a private attribute of BGP, and is used to filter BGP routes.
The filter can be directly applied by using a command such as peer as-path-filter.
The filter can be used as a matching condition of a route-policy by using a command such as if-match as-path-filter filter-example.
Configuration Impact
Multiple rules (permit or deny) can be specified in a filter.
In the matching process, the rules are logically ORed. That is, as long as the routing information matches one of the rules, the packets can pass the AS_Path filter group with the specified ID.
Follow-up Procedure
To delay the application of an AS_Path filter, run the route-policy-change notify-delay command to set the delay.
To view detailed configurations of the AS_Path filter, run the display ip as-path-filter command.
Precautions
By default, AS_Path filters work in deny mode. If all matching rules in a filter are configured to work in deny mode, all routes are denied by the filter; to prevent this problem, configure one matching rule in permit mode after one or multiple matching rules in deny mode so that the routes except for those denied by preceding matching rules are permitted by the filter.
Before you run the undo ip as-path-filter command to delete an AS_Path filter that is referenced by another command, delete the reference configuration.
# Create the AS_Path filter with the sequence number being 1, and permit routes that begin with 10 in the AS_Path to pass.
<sysname> system-view
[sysname] ip as-path-filter 1 permit ^10
# Create the AS_Path filter 2, and permit routes that contain 20 in the AS_Path to pass through.
<sysname> system-view
[sysname] ip as-path-filter 2 permit [ 20 ]
# Create the AS_Path filter 3, and prohibit routes that contain 30 in the AS_Path from passing through.
<sysname> system-view
[sysname] ip as-path-filter 3 deny [ 30 ]
[sysname] ip as-path-filter 3 permit .*