Filtering BGP Routes Based on AS Paths


You want to filter the BGP routes that you either send or receive based on AS Path information.


You can use AS Path filters, either inbound or outbound, to filter either the routes you send or the routes you receive, respectively. You must apply these filters to each peer separately:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#ip as-path access-list 15 permit ^65501$
Router1(config)#ip as-path access-list 25 permit _65530_
Router1(config)#ip as-path access-list 25 deny _65531$
Router1(config)#ip as-path access-list 25 permit .*
Router1(config)#router bgp 65500
Router1(config-router)#neighbor remote-as 65510
Router1(config-router)#neighbor filter-list 15 in
Router1(config-router)#neighbor remote-as 65520
Router1(config-router)#neighbor filter-list 25 out


One of the most common reasons for filtering routes based on the AS Path is to prevent AS transit, as we showed in Recipes 9.4 and 9.5. However, there are some other useful applications for AS Path filters. The example shown above contains two distinct filters, one of which applies to routes received inbound from one neighbor, and the other works on outbound routes sent to a second neighbor.

AS Path filters are constructed by using a subset of UNIX regular expressions. Regular expressions provide an extremely ...

Get Cisco IOS Cookbook, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.