i'm just trying to setup v7 for bgp and for the love of me i cannot do the v6 equivalent of
set-bgp-communities=""
in the new filters. nothing works and the documentation doesn't even have basic examples.
one would think it's
unset bgp-communities
but unset doesn't support that property.
set bgp-communities ""
also doesnt work...
delete bgp-*-communities
bgp-*-communities is not a valid term. no idea how you even came up with that.
i’ve tried basically everything possible and nothing works. in fact from my testing i don’t even see how anything involving the command delete instead of filter would work.
filter removes only the matcher, while delete is an inversed filter that removes everything except the matcher, except when the matcher is not found, in that case it removes nothing. both require a matcher to function, so you cant do just “filter bgp-communities” nor “delete bgp-communities”.
and of course, you’d think something like “filter bgp-communities *” would work, except it doesn’t.
I’m having the same type of issue with deleting communities in a route.
Here is a received route with a large community
[zuul@rtr-core-01.v7.ipa.dev] > routing/route/print det where dst-address=0.0.0.0/0 && bgp
Flags: X - disabled, F - filtered, U - unreachable, A - active;
c - connect, s - static, r - rip, b - bgp, o - ospf, d - dhcp, v - vpn, m - modem, a - ldp-address, l - ldp-mapping, y - copy; H - hw-offloaded; + - ecmp, B - blackhole
AbH afi=ip4 contribution=active dst-address=0.0.0.0/0 routing-table=main gateway=100.127.1.1 immediate-gw=100.126.1.1%vlan3100 distance=200 scope=40 target-scope=30
belongs-to="bgp-IP-100.127.1.1"
bgp.peer-cache-id=*B000002 .as-path="65102" .communities=1016:0 .large-communities=1016:65102:4 .local-pref=100 .atomic-aggregate=yes .origin=igp
debug.fwp-ptr=0x202C2AE0
When I apply this filter:
add chain=ipv4-remove-isp-origin-community-2 rule="if ( bgp-large-communities equal 1016:65102:4 ) { delete bgp-large-communities all; accept;}"
The community is deleted as shown
[zuul@rtr-core-01.v7.ipa.dev] > routing/route/print det where dst-address=0.0.0.0/0
Flags: X - disabled, F - filtered, U - unreachable, A - active;
c - connect, s - static, r - rip, b - bgp, o - ospf, d - dhcp, v - vpn, m - modem, a - ldp-address, l - ldp-mapping, y - copy; H - hw-offloaded; + - ecmp, B - blackhole
AbH afi=ip4 contribution=active dst-address=0.0.0.0/0 routing-table=main gateway=100.127.1.1 immediate-gw=100.126.1.1%vlan3100 distance=200 scope=40 target-scope=30
belongs-to="bgp-IP-100.127.1.1"
bgp.peer-cache-id=*B000002 .as-path="65102" .communities=1016:0 .local-pref=100 .atomic-aggregate=yes .origin=igp
debug.fwp-ptr=0x202C2AE0
However when I apply this filter
/routing filter community-large-list
add communities=1016:65102:4 list=bgp-community-large-1016-65102-4
routing/filter/rule/
routing/filter/rule/set rule="if ( bgp-large-communities equal-list bgp-community-large-1016-65102-4 ) { delete bgp-large-communities all; accept;}"
The large community is not deleted:
[zuul@rtr-core-01.v7.ipa.dev] > routing/route/print det where dst-address=0.0.0.0/0 && bgp
Flags: X - disabled, F - filtered, U - unreachable, A - active;
c - connect, s - static, r - rip, b - bgp, o - ospf, d - dhcp, v - vpn, m - modem, a - ldp-address, l - ldp-mapping, y - copy; H - hw-offloaded; + - ecmp, B - blackhole
AbH afi=ip4 contribution=active dst-address=0.0.0.0/0 routing-table=main gateway=100.127.1.1 immediate-gw=100.126.1.1%vlan3100 distance=200 scope=40 target-scope=30
belongs-to="bgp-IP-100.127.1.1"
bgp.peer-cache-id=*B000002 .as-path="65102" .communities=1016:0 .large-communities=1016:65102:4 .local-pref=100 .atomic-aggregate=yes .origin=igp
debug.fwp-ptr=0x202C2AE0
How can I check what are the routes advertised by BGP???
tried delete bgp-communities all and filter bgp-communities all, neither worked.
from my tests, filter removes matching communities while delete is an inversed filter, removing everything except the matching communities (does nothing if there are no matching communities).
for now i’m having to settle with set bgp-communities internet, which seems to be the same as community 0:0.
by the way, because the parameter bgp-communities can refer to both a community and a community list, if you try to use a community list with the exact same name as one of the well-known communities (for example /routing/filter/community-list/add list=internet ) you get soft-locked. nothing was lost but had to reboot.
command delete bgp-communities all doe snot exist
if you want to delete everything from bgp-communities then use
delete bgp-communities wk,other;
In this case there is not a problem with the delete but with the matcher. On which version you are testing?
This is with 7.6 beta8
Please wait for the next beta where this particular problem should be fixed
Can anybody tell me the equivalent to this this super easy filter in 6.4?:
add action=accept chain=TEST-in prefix=103.X.X.0/22 prefix-length=22-24
add action=discard chain=TEST-in
And this one:
add action=reject chain=out-test prefix=10.0.0.0/24 prefix-length=24-32
add action=accept chain=out-test
thanks in advance
Mikrotik support - helpful as always LOL
I dont get why you have to post such unhelpful posts really… I know where I can find the documentation thanks
Can you at least tell me if this will allow everything except 10.8.1.0/24? Will rule 2 accept all prefixes sent, or rule 3, or any of those would work? In v6 we just used 0.0.0.0/0 accept in filters to allow all prefixes, not sure if its going to work here.
Hope you can answer directly not point to documentation I already read. Thanks.
i think this is very important
Hi chechito,
Yes, I think it’s needed to do blackroute similar to NULL0 in cisco.
Do you maybe have any input for my question (post above)?
Hope which of those rules will allow anything.
Thanks.
Documentation examples have exactly what you have asked in your original post.
== measn “equal” so, no, dst==0.0.0.0/0 will not match everything, because 0.0.0.0/0 is a default route
meaning that *add chain=test-out disabled=no rule="if (dst-len>=0) {accept}\r* will accept everything, right?
or dst>=0.0.0.0/0 will match everything?
I’m sorry but moving to a totally new concept is confusing. In the documentation there is an example for matching the default route, but not for matching all traffic, which is what I need.
I have implemented those commands but I do not find how to see what are the network adverised in order to know if it is working.
Please, can you share with me the command.
