Help with script to check if address is within routing table

Hi

Hoping someone much more clever than me can help me here.

Basically we have a database of client IP addresses which is a list of /32 addresses and we have clients which have /30s /28s etc.

What I want to do is export that long list of /32’s and see if they are in use in the network by using a script. To do this manually I would type something like:

/ip route print where x.x.x.x in dst-address

Which if installed in the BGP table would result in me seeing the address is in use.

I thought I might be able to create an array or possibly import the list in CSV and see if the address is in use and the database we have is correct so I created a test array like this:

:global array {"172.168.0.1";"192.168.5.1","100.10.1.2"}

I then tried to walk through the array checking to see if the address was in use by writing this:

:foreach i in=$array do={if ([ip route {find where [:pick $array $i]in dst-address }]) do={ :log info message= "blaaa $array "}}

But it doesn’t work. If I change the

[:pick $array $i]

to an address like this for example:

:foreach i in=$array do={if ([ip route {find where 10.1.0.77  in dst-address }]) do={ :log info message= "blaaa [:pick $array $i]"}}

It sort of works but then the log has “blaaa” followed by all the addresses in the array

I can’t help but feel I’m doing this all wrong and any help is very appreciated!

Thank you
Emma

Hi
I just wrote this an it appears to work:

foreach i in={ "10.20.1.2"; "10.1.0.77"; "10.1.0.78"; "1.2.3.4"; "5.6.7.8"} do={:if [ip route find where $i in dst-address] do={:log info message="found $i"}}

However I have a huge list and I wonder what the best way to handle this is?

Thank you

You have /32 IP or a block like one /20, /22 etc. and you whant know what users are online???

/32 on BGP are not allowed, the minimal is one /24, I do not think you receive by BGP /32…

Hi
Splynx database holds addresses as individual addresses as opposed to their CIDR range and that makes exporting data from the database a little tricky for comparing what we see in iBGP. For us this is a process of elimination. For example, we might have a client with say 192.168.20.0/30 routed to them, however in the splynx db this would appear as 192.168.20.0 192.168.20.1 192.168.20.2 192.168.20.3 so I need to check if these /32’s are within range of the assigned route and since all client routes are distributed on the iBGP network this is quite efficient way of checking.
The reason for doing this is to investigate if there are any differences between the database and what is on the network.

I should have been clear that we are using iBGP and comparing the results to what is in the db of client addresses, not addresses received from external peers which I guess is why you mentioned the minimum range of /24.

I managed to export the addresses now in CSV from the db and import them into the array, I just need to be mindful to not say drop a list from a /21 (2048 addresses) into it or it will likely die. I’ll break our 21/s down and spoon feed it into the array. That is unless there is better way?

The code I wrote works fine for what I need but it would be great if there was a better way, it just returns the address as either true or false if there is a route to it:

:global test { "10.20.1.0"; "10.20.0.1"; "10.20.0.2"; "10.20.0.3"; "10.20.0.4" ....etc}
foreach i in=$test do={:if [ip route find where $i in dst-address] do={:log info message="true $i"} else={:log info message="false $i"}}

Thanks

Why “find where $i in dst-address” ?
If one 0.0.0.0/0 at least is present, all IPs are reachable…

Be precise on starting IP and IPs number…

{
:local startIP 10.24.24.0
:local numIPs  2048
:log info "RSCAN check start"
/ip route
:for counter from=0 to=($numIPs - 1) do={
    :if ([:len [find where (dst-address!=0.0.0.0/0) and (($startIP + $counter) in dst-address)]] = 0) do={
        :log warning "RSCAN: No Route for $($startIP + $counter) found"
    }
}
:log info "RSCAN check end"
}

~80s on my CCR.