Understanding AS Path Regular Expressions for Use as Routing Policy Match Conditions

 

A BGP AS path is the sequence of autonomous systems that network packets traverse to get to a specified router. AS numbers are assembled in a sequence that is read from right to left. For example, for a packet to reach a destination using a route with an AS path 5 4 3 2 1, the packet first traverses AS 1 and so on until it reaches AS 5. In this case, AS 5 is the last AS before the packet destination; it is the AS that the source of the packet would peer with.

When working with AS paths and routing policy match conditions, you can use regular expressions to locate routes. To do so, create one or more match conditions based on some or all of the AS path, and then include it in a routing policy.

The following sections describe AS path regular expressions and provide configuration examples.

Configuration of AS Path Regular Expressions

You can create a named AS path regular expression and then include it in a routing policy with the as-path match condition (described in Routing Policy Match Conditions). To create a named AS path regular expression, include the as-path statement:

To include the AS path regular expression in a routing policy, include the as-path match condition in the from statement.

Additionally, you can create a named AS path group made up of AS path regular expressions and then include it in a routing policy with the as-path-group match condition. To create a named AS path group, include the as-path-group statement.

To include the AS path regular expressions within the AS path group in a routing policy, include the as-path-group match condition in the from statement.

Note

You cannot include both of the as-path and as-path-group statements in the same policy term.

Note

You can include the names of multiple AS path regular expressions in the as-path match condition in the from statement. If you do this, only one AS path regular expression needs to match for a match to occur. The AS path regular expression matching is effectively a logical OR operation.

The AS path name identifies the regular expression. It can contain letters, numbers, and hyphens (-), and can be up to 65,536 characters. To include spaces in the name, enclose the entire name in quotation marks (“ ”).

The regular expression is used to match all or portions of the AS path. It consists of two components, which you specify in the following format:

  • term—Identifies an AS. You can specify it in one of the following ways:

    • AS number—The entire AS number composes one term. You cannot reference individual characters within an AS number, which differs from regular expressions as defined in POSIX 1003.2.

    • Wildcard character—Matches any single AS number. The wildcard character is a period (.). You can specify multiple wildcard characters.

    • AS path—A single AS number or a group of AS numbers enclosed in parentheses. Grouping the regular expression in this way allows you to perform a common operation on the group as a whole and to give the group precedence. The grouped path can itself include operators.

      In Junos OS Release 9.1 and later, you can specify 4-byte AS numbers as defined in RFC 4893, BGP Support for Four-octet AS Number Space, as well as the 2-byte AS numbers that are supported in earlier releases of the Junos OS. You can configure a value in the range from 1 through 4,294,967,295.

  • operator—(Optional) An operator specifying how the term must match. Most operators describe how many times the term must be found to be considered a match (for example, any number of occurrences, or zero, or one occurrence). Table 1 lists the regular expression operators supported for AS paths. You place operators immediately after term with no intervening space, except for the pipe ( | ) and dash (–) operators, which you place between two terms, and parentheses, with which you enclose terms.

You can specify one or more term–operator pairs in a single regular expression.

Table 2 shows examples of how to define regular expressions to match AS paths.

Table 1: AS Path Regular Expression Operators

Operator

Match Definition

{m,n}

At least m and at most n repetitions of term. Both m and n must be positive integers, and m must be smaller than n.

{m}

Exactly m repetitions of term. m must be a positive integer.

{m,}

m or more repetitions of term. m must be a positive integer.

*

Zero or more repetitions of term. This is equivalent to {0,}.

+

One or more repetitions of term. This is equivalent to {1,}.

?

Zero or one repetition of term. This is equivalent to {0,1}.

|

One of two terms on either side of the pipe.

Between a starting and ending range, inclusive.

^

A character at the beginning of a community attribute regular expression. This character is added implicitly; therefore, the use of it is optional.

$

A character at the end of a community attribute regular expression. This character is added implicitly; therefore, the use of it is optional.

( )

A group of terms that are enclosed in the parentheses. Intervening space between the parentheses and the terms is ignored. If a set of parentheses is enclosed in quotation marks with no intervening space "()", it indicates a null path.

[ ]

Set of AS numbers. One AS number from the set must match. To specify the start and end of a range, use a hyphen (-). A caret (^) may be used to indicate that it does not match a particular AS number in the set, for example [^123].

Table 2: Examples of AS Path Regular Expressions

AS Path to Match

Regular Expression

Sample Matches

AS path is 1234

1234

1234

Zero or more occurrences of AS number 1234

1234*

1234

1234 1234

1234 1234 1234

Null AS path

Zero or one occurrence of AS number 1234

1234? or 1234{0,1}

1234

Null AS path

One through four occurrences of AS number 1234

1234{1,4}

1234

1234 1234

1234 1234 1234

1234 1234 1234 1234

One through four occurrences of AS number 12, followed by one occurrence of AS number 34

12{1,4} 34

12 34

12 12 34

12 12 12 34

12 12 12 12 34

Range of AS numbers to match a single AS number

123–125

123

124

125

[123–125]*

Null AS path

123

124 124

125 125 125

123 124 125 123

Path whose second AS number must be 56 or 78

(. 56) | (. 78) or . (56 | 78)

1234 56

1234 78

9876 56

3857 78

Path whose second AS number might be 56 or 78

. (56 | 78)?

1234 56 52

34 56 1234

1234 78 39

794 78 2

Path whose first AS number is 123 and second AS number is either 56 or 78

123 (56|78)

123 56

123 78

Path of any length, except nonexistent, whose second AS number can be anything, including nonexistent

. .* or . .{0,}

1234 1234 5678 1234 5 6 7 8

AS path is 1 2 3

1 2 3

1 2 3

One occurrence of the AS numbers 1 and 2, followed by one or more occurrences of the AS number 3

1 2 3+

1 2 3

1 2 3 3

1 2 3 3 3

One or more occurrences of AS number 1, followed by one or more occurrences of AS number 2, followed by one or more occurrences of AS

number 3

1+ 2+ 3+

1 2 3

1 1 2 3

1 1 2 2 3

1 1 2 2 3 3

Path of any length that begins with AS numbers 4, 5, 6

4 5 6 .*

4 5 6

4 5 6 7 8 9

Path of any length that ends with AS numbers 4, 5, 6

.* 4 5 6

4 5 6

1 2 3 4 5 6

4 9 4 5 6

AS path 5, 12, or 18

5 | 12 | 18

5

12

18

Configuring a Null AS Path

You can use AS path regular expressions to create a null AS path that matches routes (prefixes) that have originated in your AS. These routes have not been advertised to your AS by any external peers. To create a null AS path, use the parentheses operator enclosed in quotation marks with no intervening spaces:

In the following example, locally administered AS 2 is connected to AS 1 (10.2.2.6) and AS 3. AS 3 advertises its routes to AS 2, but the administrator for AS 2 does not want to advertise AS 3 routes to AS 1 and thereby allow transit traffic from AS 1 to AS 3 through AS 2. To prevent transit traffic, the export policy only-my-routes is applied to AS 1. It permits advertisement of routes from AS 2 to AS 1 but prevents advertisement of routes for AS 3 (or routes for any other connected AS) to AS 1:

How AS Path Regular Expressions Are Evaluated

AS path regular expressions implement the extended (modern) regular expressions as defined in POSIX 1003.2. They are identical to the UNIX regular expressions with the following exceptions:

  • The basic unit of matching in an AS path regular expression is the AS number and not an individual character.

  • A regular expression matches a route only if the AS path in the route exactly matches regular-expression. The equivalent UNIX regular expression is ^regular-expression$. For example, the AS path regular expression 1234 is equivalent to the UNIX regular expression ^1234$.

  • You can specify a regular expression using wildcard operators.

Examples: Configuring AS Path Regular Expressions

Exactly match routes with the AS path 1234 56 78 9 and accept them:

Match alternate paths to an AS and accept them after modifying the preference:

Match routes with an AS path of 123, 124, or 125 and accept them after modifying the preference: