On Tue, Oct 06, 2009 at 04:10:30PM -0400, Eric Van Tol wrote: > > -----Original Message----- > > From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp- > > boun...@puck.nether.net] On Behalf Of Alexander Shikoff > > Sent: Tuesday, October 06, 2009 1:52 PM > > To: juniper-nsp > > Subject: [j-nsp] Need help with stripping of BGP communities > > > > Hello All, > > > > I have M10i router and need to strip BGP communities that don't match > > regex > > pattern. > > > > I've configured BGP community: > > [edit policy-options] > > minot...@br1-gdr.ki# show community Prohibited > > invert-match; > > members "^((9002)|(21011)|(13228)):([0-5])$"; > > > > Then I've created policy-statement and applied it to neighbour's import: > > [edit] > > minot...@br1-gdr.ki# show policy-options policy-statement from-Downstream > > then { > > community delete Prohibited; > > next policy; > > } > > > > [edit] > > minot...@br1-gdr.ki# show protocols bgp group Downlinks-Default-Only > > neighbor 91.200.195.18 > > description "Downlink: UOS"; > > import [ from-Downstream from-UOS ]; > > peer-as 42546; > > > > But communities that don't match "^((9002)|(21011)|(13228)):([0-5])$" are > > still associated with prefixes that I receive from downstream: > > > > * 91.202.39.0/24 (2 entries, 1 announced) > > Accepted > > Nexthop: 91.200.195.18 > > AS path: 42546 42546 42546 42546 44532 44532 I > > AS path: Recorded > > Communities: 65535:1111 65535:9002 > > > > To my shame I cannot find an error in configuration... > > Any help will be heartly appreciated. Thanks. > > > > -- > > MINO-RIPE > > What is the 'show route' command you are using to get this information? > AFAIK, 'show route receive-protocol bgp' shows what is received, communities > and all, prior to policy processing. In order to see the routes that have > passed through your policy, just do 'show route 91.202.39.0/24 detail' and > those communities should not show up.
Thank you very much! -- MINO-RIPE _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp