Bug #10657
closed
FRR: AS-Path Filter doesn't work anymore
100%
Description
Hi,
after upgrade from 2.4.4_p3 to 2.4.5_p1 route-maps for BGP metric altering based on AS-Path match don't work anymore. I have to alter the local preference for incomming prefixes from certain neighbors based on AS-Path regex to ensure the failover path for prefixes, which have the same as-hop-count. The configuration was working fine on 2.4.4_p3 but now I'm only able to get this done by doing the matching based on prefix-lists.
When looking into the running config of the bgpd on vty, configured ip as-path access-lists are completly missing.
FRR Package Version 0.6.5_1
Updated by Luki TJ over 4 years ago
Syntax for as-path acl has changed in frr ...
Now it's
bgp as-path access-list <name> permit/deny <regex>
The pfSense GUI needs an Update here.
The Workarround for now is to switch to raw-configuration for bgpd and define the ACLs there. Please update the Release Notes of 2.4.5_p1 for known Issues. Everyone who is using BGP and determine primary pathes by as-path filters will have trouble after upgrade. I was lucky that in my case only failover routes were affected ..
Updated by Viktor Gurov over 4 years ago
Updated by Jim Pingle over 4 years ago
- Project changed from pfSense to pfSense Packages
- Category changed from Routing to FRR
- Status changed from New to Pull Request Review
- Affected Version deleted (
2.4.5-p1) - Affected Architecture All added
- Affected Architecture deleted (
amd64)
Updated by Renato Botelho over 4 years ago
- Status changed from Pull Request Review to Feedback
- Assignee set to Renato Botelho
- % Done changed from 0 to 100
PR has been merged. Thanks!
Updated by Viktor Gurov over 4 years ago
- Status changed from Feedback to Resolved
frr 0.6.6 generates a configuration with the correct as-path:
# grep as-path /var/etc/frr/bgpd.conf bgp as-path access-list TESTASPATH1 deny _65534_