Bug #10657


FRR: AS-Path Filter doesn't work anymore

Added by Luki TJ over 1 year ago. Updated over 1 year ago.

Target version:
Start date:
Due date:
% Done:


Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:



after upgrade from 2.4.4_p3 to 2.4.5_p1 route-maps for BGP metric altering based on AS-Path match don't work anymore. I have to alter the local preference for incomming prefixes from certain neighbors based on AS-Path regex to ensure the failover path for prefixes, which have the same as-hop-count. The configuration was working fine on 2.4.4_p3 but now I'm only able to get this done by doing the matching based on prefix-lists.

When looking into the running config of the bgpd on vty, configured ip as-path access-lists are completly missing.

FRR Package Version 0.6.5_1

Actions #1

Updated by Luki TJ over 1 year ago

Syntax for as-path acl has changed in frr ...

Now it's

bgp as-path access-list <name> permit/deny <regex>

The pfSense GUI needs an Update here.

The Workarround for now is to switch to raw-configuration for bgpd and define the ACLs there. Please update the Release Notes of 2.4.5_p1 for known Issues. Everyone who is using BGP and determine primary pathes by as-path filters will have trouble after upgrade. I was lucky that in my case only failover routes were affected ..

Actions #3

Updated by Jim Pingle over 1 year ago

  • Project changed from pfSense to pfSense Packages
  • Category changed from Routing to FRR
  • Status changed from New to Pull Request Review
  • Affected Version deleted (2.4.5-p1)
  • Affected Architecture All added
  • Affected Architecture deleted (amd64)
Actions #4

Updated by Renato Botelho over 1 year ago

  • Status changed from Pull Request Review to Feedback
  • Assignee set to Renato Botelho
  • % Done changed from 0 to 100

PR has been merged. Thanks!

Actions #5

Updated by Viktor Gurov over 1 year ago

  • Status changed from Feedback to Resolved

frr 0.6.6 generates a configuration with the correct as-path:

# grep as-path /var/etc/frr/bgpd.conf
bgp as-path access-list TESTASPATH1 deny _65534_


Also available in: Atom PDF