Project

General

Profile

Actions

Bug #10657

closed

FRR: AS-Path Filter doesn't work anymore

Added by Luki TJ almost 4 years ago. Updated almost 4 years ago.

Status:
Resolved
Priority:
High
Category:
FRR
Target version:
-
Start date:
06/12/2020
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:
All

Description

Hi,

after upgrade from 2.4.4_p3 to 2.4.5_p1 route-maps for BGP metric altering based on AS-Path match don't work anymore. I have to alter the local preference for incomming prefixes from certain neighbors based on AS-Path regex to ensure the failover path for prefixes, which have the same as-hop-count. The configuration was working fine on 2.4.4_p3 but now I'm only able to get this done by doing the matching based on prefix-lists.

When looking into the running config of the bgpd on vty, configured ip as-path access-lists are completly missing.

FRR Package Version 0.6.5_1

Actions #1

Updated by Luki TJ almost 4 years ago

Syntax for as-path acl has changed in frr ...

Now it's

bgp as-path access-list <name> permit/deny <regex>

The pfSense GUI needs an Update here.

The Workarround for now is to switch to raw-configuration for bgpd and define the ACLs there. Please update the Release Notes of 2.4.5_p1 for known Issues. Everyone who is using BGP and determine primary pathes by as-path filters will have trouble after upgrade. I was lucky that in my case only failover routes were affected ..

Actions #3

Updated by Jim Pingle almost 4 years ago

  • Project changed from pfSense to pfSense Packages
  • Category changed from Routing to FRR
  • Status changed from New to Pull Request Review
  • Affected Version deleted (2.4.5-p1)
  • Affected Architecture All added
  • Affected Architecture deleted (amd64)
Actions #4

Updated by Renato Botelho almost 4 years ago

  • Status changed from Pull Request Review to Feedback
  • Assignee set to Renato Botelho
  • % Done changed from 0 to 100

PR has been merged. Thanks!

Actions #5

Updated by Viktor Gurov almost 4 years ago

  • Status changed from Feedback to Resolved

frr 0.6.6 generates a configuration with the correct as-path:

# grep as-path /var/etc/frr/bgpd.conf
bgp as-path access-list TESTASPATH1 deny _65534_

Actions

Also available in: Atom PDF