Community discussions

MikroTik App
 
vaka
just joined
Topic Author
Posts: 22
Joined: Fri Dec 04, 2020 4:08 pm
Location: Ukraine

BGP Filters. Do not understand it strange behaviour

Tue Nov 29, 2022 11:46 pm

Hi, guys!
I have iBgp between R1 and R2 routers (R1 - Mikrotik ROS7.6, R2 - Cisco IOS)

R1 announces 4 networks /24. They are described in ip/firewall/address-lists in one list, for example named AS65001.
10.0.10.0/24. 10.0.20.0/24, 10.0.30.0/24, 10.0.40.0/24

announce to R2 works well.

But! some subnets from this networks are in R2 physically.
So R2 announce back to R1 several /30 subnets. Same AS. For example:
10.0.10.112/30, 10.0.10.116/30, 10.0.10.120/30, 10.0.10.124/30.

On R1 I created filter to receive those subnets like this

if(afi ipv4 && dst in AS65001 && dst-len>24){accept} <-- it doesn't work

if(afi ipv4 && dst==10.0.10.0/24 && dst-len>24){accept} <-- it doesn't work too

if(afi ipv4 && dst in 10.0.10.0/24 && dst-len>24){accept} <-- it works!!!

How can I make this filter more abstract, to use address-lists and to not strict define expected network(s)?
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7038
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: BGP Filters. Do not understand it strange behaviour

Wed Nov 30, 2022 10:24 am

"dst in address-list" means that it will check if destination is in address list (exact match)
"dst==10.0.10.0/24 && dst-len>24" - does not make sense, destination cannot be equal to 10.0.10.0/24 and at the same time have netmask larger than 24

last example is the correct one

Who is online

Users browsing this forum: qatar2022 and 17 guests