Regular Expressions are something that I still struggle to wrap my head around. However, they make things much easier and faster with parsing BGP tables, and they are of course unavoidable if you have to write an AS Path access-list. WIth practice, they do of course get better.
To start, a table of regular expression characters and their meanings to fall back on (though it will be necessary to memorize these in the long run!):
|
Character |
Meaning |
| ^ | Start of String |
| $ | End of String |
| [ ] | Range of Characters |
| – | Used to specify a range – ie [0-9] |
| ( ) |
Logical Grouping |
| . |
Any single character |
| * | Zero or more instances |
| + | One or more instance |
| ? | Zero or one instance |
| _(underscore) |
Comma, open or close brace, space, start of line or end of line |
Using this table, some examples with both show commands and AS Path ACLs…
1) To view just prefixes originated in AS 100 with no other path:
show ip bgp regex ^100$
| ^ | Start of String |
| 100 | Exactly AS 100 |
| $ | End of String |
This will get you an output of just routes that originated from AS 100.
Corresponding AS Path ACL:
ip as-path access-list 99 permit ^100$
2) Prefixes originated in a customer network of AS 100, which then pass through. AS 100 will be your directly connected AS:
show ip bgp regex ^100_[0-9]+$
| ^ | Start of String |
| 100 | Exactly AS 100 |
| _ | Space |
| [0-9] | Any number 0-9 |
| + | One or more instance of 0-9 |
| $ | End of line |
Thus, this will match anything AS Path of 100 X, where X is any other single AS.
Corresponding AS Path ACL:
ip as-path access-list 99 permit ^100_[0-9]+$
3) Prefixes which your AS learned directly from AS 100, were injected into BGP by AS 300, and passed through AS 200 somewhere along the way (not limited to only passing through AS 200):
show ip bgp regex ^100_(.+_)*200_(.+_)*300$
| ^ | Start of String |
| 100 | Exactly AS 100 |
| _ | Space |
| (.+_) | One or more instance of any single character, space |
| * | Zero or more instances |
| 200 | Exactly AS 200 |
| _ | Space |
| (.+_) | One or more instance of any single character, space |
| * | Zero or more instances |
| 300 | Exactly AS 300 |
| $ | End of Line |
Corresponding AS Path ACL:
ip as-path access-list 99 permit ^100_(.+_)*200_(.+_)*300$
This one looks long and confusing, but when you imagine that it is simple a path of AS 100 200 300 with the option of any AS of any character between 100 and 200 and 200 and 300, it’s not so bat. Remember to use a * for zero or more instances when you want to leave the option open for NO other AS in the path – it’s the best choice to also leave the option open for just 100 200 300.
Regular expressions really just require practice. Two websites that I use for practice quizzes (and find that I do not memorize the answers – too many characters) are linked below.
http://catspace.com/goodies/regexp.htm
http://www.netcraftsmen.net/presos/Regex_Practice/player.html
Enjoy!
Nexiilicious 