Hello,
We @srce have small IX and we filter bgpd updates with communities.
Our conifg is simple and works great:
match from any set community 12345:65000
deny to { group rsip4, group rsip6 } community 12345:65000
deny to { group rsip4, group rsip6 } community 0:12345
allow to { group rsip4, group rsip6 } community 12345:12345
deny to { group rsip4, group rsip6 } community 0:neighbor-as
allow to { group rsip4, group rsip6 } community 12345:neighbor-as
I thought that I can do same thing with ext-community but bgpd -nvf
/etc/bgpd.conf logs
Bad ext-community neighbor-as is invalid
Is it possible to implement neigbour-as to work with ext-communities?
Below is our configuration we thought it would work.
match from any set ext-community soo 12345:65000
deny to { group rsip4, group rsip6 } ext-community soo 12345:65000
deny to { group rsip4, group rsip6 } ext-community soo 0:12345
allow to { group rsip4, group rsip6 } ext-community soo 12345:12345
deny to { group rsip4, group rsip6 } ext-community soo 0:neighbor-as
deny to { group rsip4, group rsip6 } ext-community soo 12345:neighbor-as
If there is some other way to implement same thing, please let me know.
Thank you
