OpenBGPD AS Filtering

[a b]

Hello,

Are there any plans afoot to enable more flexibility when specifying
ASN filters in bgpd.conf ?

Unless I've missed something important in the man
page, there's no way to turn :

deny from any AS
{64512,64513,64514,64515,64516,  /** BIG SNIP **/
65528,65529,65530,65531,65532,65533,65534} 

into 

deny from any AS
{64512-65534}

The unwieldy nature of the present syntax only gets worse with
32-bit ASNs, which suddenly takes us from a 1022 ASN list (or more if you are
pedantic and include RFC5398 64496-64511 and 65535) to  many more if you
include presently unallocated ranges (e.g.394240-4294967294)

Surely I cannot
be the only one facing this issue ? 


Other than that, keep up the good work
!

Ben

OpenBGPD ASN4 filtering

[Tom Martin]

!--
 /* Font Definitions */
 @font-face
{font-family:Cambria Math;
panose-1:2 4 5 3 5 4 6 3 2 4;
mso-font-charset:0;
mso-generic-font-family:roman;
mso-font-pitch:variable;
mso-font-signature:-1610611985 1107304683 0 0 159 0;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;
mso-font-charset:0;
mso-generic-font-family:swiss;
mso-font-pitch:variable;
mso-font-signature:-1610611985 1073750139 0 0 159 0;}
 /* Style Definitions */
 p.MsoNormal, li.MsoNormal, div.MsoNormal
{mso-style-unhide:no;
mso-style-qformat:yes;
mso-style-parent:;
margin:0cm;
margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:Calibri,sans-serif;
mso-fareast-font-family:Calibri;
mso-fareast-theme-font:minor-latin;
mso-bidi-font-family:Times New Roman;}
.MsoChpDefault
{mso-style-type:export-only;
mso-default-props:yes;
font-size:10.0pt;
mso-ansi-font-size:10.0pt;
mso-bidi-font-size:10.0pt;}
@page Section1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 70.85pt 70.85pt;
mso-header-margin:35.4pt;
mso-footer-margin:35.4pt;
mso-paper-source:0;}
div.Section1
{page:Section1;}
--


Hi all,





With a
future look we are now testing serveral situations with quagga and OpenBGPD. 
In
both situations the results are satisfactory.


But still
we are facing the issue with the 4 AS byte community filter. In both 
situations
itbs made to use 4 byte AS, but what about filtering?


The
implementation is global as following:





0:Peer-Asn
   
Block the prefix for Peer-asn


64520:Peer-Asn  
Only announce too Peer-asn


0:64520   
Block for all peers


64520:64520  
   
Announce to all peers





This filter
works great, but by using the 4 byte AS number, this implementation is hard 
to
implement. Does anyone know a solution for this problem? In the 2 byte AS 
this
solutions works, but what about the 4 byte AS filtering. Does anyone has
experience with this?





Regards
Tom Martin