FYI, I went with a per peer pipe solution with a per ASN table, rather than using the master table. If asn A excludes out to B, do not build the pipe config for A->B, if A excludes in from B do not build pipe B->A.
-Stephen -----Original Message----- From: Stephen Holmes Sent: Thursday, January 20, 2011 1:19 PM To: Stephen Holmes; 'bird-us...@bird.network.cz' Subject: RE: Import/Export filter per peer...looking for suggestions Disregard, I came up with a working solution. -Stephen -----Original Message----- From: owner-bird-us...@atrey.karlin.mff.cuni.cz [mailto:owner-bird-us...@atrey.karlin.mff.cuni.cz] On Behalf Of Stephen Holmes Sent: Wednesday, January 19, 2011 6:42 PM To: 'bird-us...@bird.network.cz' Subject: Import/Export filter per peer...looking for suggestions Hi all, We have a few bird configurations we are attempting to throw into production, but there is one thing I cannot figure out entirely. We would like to offer our participants the option to exclude in/outbound to other participants at their choosing. I have a basic setup that filters based on the 'from' ip address of the interface, but this posses a problem. Since I am using a master table this method could potentially reject a network that could have been offered through a non-preferred route (unless that is not the case?). As is the filter function simply looks like this: function bgp_out_ASXXXX(int peeras) { if ! (source = RTS_BGP ) then return false; if (0,peeras) ~ bgp_community then return false; if (myas,peeras) ~ bgp_community then return true; if (0, myas) ~ bgp_community then return false; if from = x.x.x.x then { return false; } return true; } Any suggestions? Thanks, Stephen Holmes ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. ______________________________________________________________________
