Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Improve the Performance of AS Path Lookup in BGP Policy

SUMMARY 

AS Path Lookup in a BGP Policy Without Regular Expression Overview

When working with BGP AS paths and routing policy match conditions, you can configure BGP policies to check for an autonomous system (AS) match in an AS path without using regular expressions. The BGP policy compares the AS to an AS-list or As-list-group and returns true if it finds a match. You can configure the BGP policy to check for a matching origin, neighbor, or transit AS. This feature provides a faster alternative to match origin, transit, and peer AS numbers than using a regular expression.

Benefits of AS-Path without using regular expression in BGP policy:

  • Optimized lookup for origin, neighbor, transit ASes improves the performance.
  • Provides a faster lookup in terms of speed.

The following operations to match the ASes in an AS path are supported:

  • Match the Originating AS in the AS Path—Compares the AS that originated the route. Evaluates if the right most AS number on the AS path belongs to the as-list or as-list-group specified in the as-path-origins configuration statement at the [edit policy-options policy-statement policy-name from] hierarchy level. In the case where the route has been aggregated, and the location of the originating AS contains an AS-set, the as-path-origins operator evaluates to true if any AS contained in the AS-set belongs to the as-list or as-list-group specified in the as-path-origins configuration statement.

  • Match the Neighbor AS in the AS Path—Compares the neighbor AS in the AS path. Evaluates if the first AS number on the AS path matches the as-list or as-list-group specified in the as-path-neighbors configuration statement at the [edit policy-options policy-statement policy-name from] hierarchy level. If the neighboring AS location happens to be an AS-set, the as-path-neighbors operator evaluates to true if any AS contained in the AS-set belongs to the as-list or as-list-group specified in the as-path-neighbors configuration statement.

  • Match the Transit AS in the AS Path—Compares any AS in the AS-Path. Evaluates when any AS belongs to the as-list or as-list-group specified in the as-path-transit configuration statement at the [edit policy-options policy-statement policy-name from] hierarchy level. In the case of AS-set, the as-path-transit operator compares all the ASes in the AS-set.

Configure AS Path Lookup Without Using Regular Expression

You can configure AS path lookups by defining AS lists, or AS list groups for origin, neighbor, and transit ASes and filter the routes without using regular expression.

The table here shows configurations of universal match based on regular expressions and equivalent match with faster execution time.

Match type Universal match based on regular expressions Equivalent match with faster execution time
Peer set policy-options as-path peer-match "^101.*" set policy-options as-list peer-match members 101
Transit set policy-options as-path transit-match ".*61453.*10001.*40007$" set policy-options as-list transit-match members 61453
Origin set policy-options as-path origin-match ".*54367$" set policy-options as-list origin-match members 54367

The following sample configuration shows how you can define AS lists (as-list as-list-name) for origin, neighbor, and transit ASes and how you can use policies to filter the routes without using regular expression:

Step 1: Define AS lists for matching origin, neighbor, and transit AS and apply it as a filter to filter the routes using policies.

Note:

You can also define AS list groups (as-list-group group-name) for matching origin, neighbor, and transit ASes to filter the routes using policies. The following is a sample configuration to define AS list groups to match origin ASes to filter the routes using policies:

Note:

AS list groups to match the origin, neighbor, and transit ASes could be an AS member (for example, 101) or a range of AS members (for example, 6-9). In this case, all the routes originating from 6, 7, 8, 9 will be matched.

If you are using a range of AS members (as-start to as-finish), then the as-start member value should be less than or equal to as-finish member value. The AS member or the AS member range (as-start to as-finish) cannot be 0.

The as-list or as-list-group defines an AS set.

While performing an AS set lookup for origins and neighbors, the first or last AS from an AS path is matched. In the case of transits, there could be multiple iterations on the AS path to perform AS set lookup.

Step 2: Configure policies to match and filter routes based on origin, neighbor, and transit ASes.

Step 3: Define the local autonomous system.

Step 4: Apply the policy as BGP import policy to filter the routes.

Note:

This policy can be applied as an import or export policy to filter the routes to take corresponding action defined in the policy.

You can use the show route CLI command to view the routes in the routing table.

Note:

The configuration statements in the from clause match condition occurs in both [edit policy-options policy-statement policy-name from] and [edit policy-options policy-statement policy-name term term-name from] hierarchy levels.