Using RegEx to Remove AS Numbers from BGP AS-Path Attribute

Using RegEx to Remove AS Numbers from BGP AS-Path Attribute

56431
Created On 09/25/18 17:19 PM - Last Modified 06/08/23 22:35 PM


Resolution


Overview

There are different attributes that determine how BGP chooses the path to reach a prefix/network. Network engineers can influence these attributes to match their network requirements. This document describes how to manipulate the AS_path (autonomous path) attribute using regular expressions.

For this document, the example objective is for the Palo Alto Networks firewall to prefer the path through ISP_2 to reach the 172.30.2.0/23 network. We can achieve this by removing AS numbers 200 and 400 from the AS_path learned from ISP_2 for this prefix.

Network Scenario

The following topology will be used for this document:

Import Network.PNG.png

Steps

  1. Go to Network > Virtual Routers and select the appropriate router
  2. Next, go to BGP > Import
  3. Enter a rule name, enable the rule, and select the appropriate eBGP peer
    Import ISP_B genereal.PNG.png
  4. In the match tab, enter (200|400) for the regex expression and 172.30.2.0/23 for the address prefix to modify its AS_Path.
    Note: To modify the AS_Path for all prefixes, leave the address prefix tab blank.
    Import ISP_B match.PNG
  5. In the Action tab, set Action to 'Allow' and select the 'Remove' radio button to remove the AS paths.
    Import ISP_B Action.PNG
  6. Press OK and the Import rule should look like the following:
    Import after.PNG.png
    Note: If the configuration is committed at this point, the desired AS_paths would be removed but only the 172.30.2.0/23 prefix would be imported from the eBGP peer.
    There is an implicit deny rule that is triggered once any rules are created in the export or import tabs (the same is true for OSPF export). Add an allow rule to make sure you are importing other prefixes. The Import tab should now appear like the following:
    Import after.PNG.png
  7. Commit and verify

Verification

Before the configuration, ISP_1 is the preferred path to reach the 172.30.2.0/24 network as shown in the image below:

Import all networks.PNG.png

After the configuration, ISP_2 is now the preferred path to reach 172.30.2.0/23 since it has a shorter AS_path to the destination network.

import all networks modified.PNG.png

Other Regular Expressions:

^$ - Routes that originated from this AS

_2345_ - Routes that passed through 2345

^2345_ - Routes learned from 2345

_2345$ - Routes originated from AS 2345. (Could sometimes be same as ^$)

(400|500|600) - Match either 400, 500 or 600

See Also

Regular expression syntax for patterns in custom app signature

owner: tasonibare
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClEkCAK&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language