On 30 Oct 2015 17:27, "Nick Hilliard" <[email protected]> wrote: > > On 30/10/2015 16:57, James Bensley wrote: > > What do others have, what have I missed? > > the asn32 filter can be written as "_42........_", or perhaps "_42[0-9]{8}_" > > TBH, I'd question the value of filtering weird asns. What matters is > filtering out weird prefixes. If you filter out weird ASNs, all you're > doing is chewing up the CPU on your RP. > > Nick
Six of one, half a dozen of the other; I agree CPU is a scarce resource but BGP session flaps to transit providers are rare, and I'm taking reasonable steps to minimize CPU load and hardware process as much traffic as possible. I also don't have 1 single transit provider so I'm happy for one PE to take a while to churn through those routing updates on the rare occasions transit peering flaps, as another will pick up the slack. Looking through my mail archive I think it was 2008 when some berk leaked routes into the global table with AS 0 in the path and Cisco IOS couldn't handle this very well. Sometime between now and my death some twat somewhere will do something similar. As for the regex recommendations, I wasn't clear in my original post that I'm just trying to condense my classical IOS regex first, I have IOS/IOS-XE, IOS-XR and Junos in play, but as you know, IOS isn't supporting number ranges in regex, boo! Thanks for the info though! Cheers, James.
