Route filters and AS paths

Route Filtering

Route filters are a set of routes against which a given route will be matched. The resulting action of a match will depend on the use of the route filter. Routes filters are used in the import and export statements, as well as in the martians and other protocol definitions. This section is a generic description of the route filters and how routes are matched.

A route will match the most specific filter that applies. Specifying more than one filter with the same destination, mask and modifiers will generate an error.

Filtering syntax

A route filter is a list of one or more of the following entity:

network [ exact | refines ] network mask mask [ exact | refines ] network masklen number [ exact | refines ] all default host host

These are all the possible formats for a route filter. Not all of these formats are available in all places, for instance the host and default formats are not valid for martians. In most cases it is possible to specify additional parameters relevant to the context of the filter. For example, on a martian statement it is possible to specify the allow keyword, on an import statement you can specify a preference, and on a export you can specify a metric.

network [ exact | refines ]
network mask mask [ exact | refines ]
network masklen number [ exact | refines ]
Matching usually requires both an address and a mask, although the mask is implied in the shorthand forms listed below. These three forms vary in how the mask is specified. In the first form, the mask is implied to be the natural mask of the network. In the second, the mask is explicitly specified. In the third, the mask is specified by the number of contiguous one bits.

If no additional parameters are specified, any destination that falls in the range given by the network and mask is matched, the mask of the destination is ignored. If a natural network is specified, the network, any subnets, and any hosts will be match. The two optional modifiers cause the mask of the destination to be considered also:

exact

This parameter specifies that the mask of the destination must match the supplied mask exactly. This is used to match a network, but no subnets or hosts of that network.

refines

Specifies that the mask of the destination must be more specified (i.e. longer) than the filter mask. This is used to match subnets and/or hosts of a network, but not the network.

all
This entry matches anything. It is equivalent to: 0.0.0.0 mask 0.0.0.0

default
Matches the default route. To match, the address must be the default address and the mask must be all zeros. This is equivalent to: 0.0.0.0 mask 0.0.0.0 exact
host host
Matches the specific host. To match, the address must exactly match the specified host and the network mask must be a host mask (i.e. all ones). This is equivalent to:

host mask 255.255.255 exact

Matching AS paths

An AS path is a list of autonomous_systems that routing information has passed through to get to this router, and an indicator of the origin of the AS path. This information can be used to prefer one path to a destination network over another. The primary method for doing this with GateD is to specify a list of patterns to be applied to AS paths when importing and exporting routes.

Each autonomous system that a route passed through prepends its AS number to the beginning of the AS path.

The origin information details the completeness of AS path information. An origin of igp indicates the route was learned from an interior routing protocol and is most likely complete. An origin of egp indicates the route was learned from an exterior routing protocol that does not support AS paths (EGP for example) and the path is most likely not complete. When the path information is definitely not complete, an origin of incomplete is used.

AS path regular expressions are defined in RFC 1164 section 4.2.

AS path matching syntax

An AS path is matched using the following syntax.

aspath aspath_regexp origin any | ( [ igp ] [ egp ] [ incomplete ] )

This specifies that an AS matching the aspath_regexp with the specified origin is matched.

AS path regular expressions

Technically, an AS path regular expression is a regular expression with the alphabet being the set of AS numbers. An AS path regular expression is composed of one or more AS paths expressions. An AS path expressions is composed of AS path terms and AS path operators.

AS path terms

An AS path term is one of the following three objects:

autonomous_system . ( aspath_regexp )

autonomous_system

Is any valid autonomous system number, from one through 65534 inclusive.

.

matches any autonomous system number.

( aspath_regexp )

parentheses group subexpressions--an operator, such as * or ? works on a single element or on a regular expression enclosed in parentheses

AS path operators

An AS path operator is one of the following:

aspath_term m,n aspath_term m aspath_term m, aspath_term * aspath_term + aspath_term ? aspath_term | aspath_term

aspath_term m,n

a regular expression followed by m,n (where m and n are both non-negative integers and ) means at least m and at most n repetitions.

aspath_term m

a regular expression followed by m (where m is a positive integer) means exactly m repetitions.

aspath_term m,

a regular expression followed by m, (where m is a positive integer) means m or more repetitions.

aspath_term *

an AS path term followed by * means zero or more repetitions. This is shorthand for 0,.

aspath_term +

a regular expression followed by + means one or more repetitions. This is shorthand for 1,.

aspath_term ?

a regular expression followed by ? means zero or one repetition. This is shorthand for 0,1.

aspath_term | aspath_term

matches the AS term on the left, or the AS term on the right.