Community discussions

MikroTik App
 
jmginer
Member Candidate
Member Candidate
Topic Author
Posts: 141
Joined: Tue Dec 11, 2012 4:56 am
Contact:

Help migrating filter rules from v6 to v7

Sun Oct 10, 2021 2:01 pm

Hello,

I'm trying to migrate my BGP filters from v6 to v7.

The problem is that I can't find how to migrate the "match-chain" rule.

These are my current rules, I receive transit from a provider and offer transit to a customer:

/routing filter

# section 1 - Accept what my transit provider advertise me
add action=accept chain=MyTransitProvider-IN prefix=0.0.0.0/0
add action=accept chain=MyTransitProvider-IN prefix=::/0

# section 2 - Accept what my transit customer advertise me
add action=accept chain=MyTransitCustomer-IN match-chain=MyTransitCustomerAS set-bgp-local-pref=300 set-distance=10 comment="Accept MyTransitCustomer prefixes"
add action=discard chain=MyTransitCustomer-IN comment="No more from MyTransitCustomer"
add action=accept chain=MyTransitCustomer-OUT prefix=0.0.0.0/0 comment="Disabled to provide full routing" disabled=yes
add action=discard chain=MyTransitCustomer-OUT comment="Disabled to provide full routing" disabled=yes

# section 3 - I advertise my own prefixes and my transit customer prefixes to my transit provider
add action=accept chain=MyTransitProvider-OUT match-chain=MyOwnAS
add action=accept chain=MyTransitProvider-OUT match-chain=MyTransitCustomerAS
add action=discard chain=MyTransitProvider-OUT comment="Dont advertise more to MyTransitProvider"

# section 4 - Chains with my prefixes and my transit customer prefixes (like address list)
add action=accept prefix=1.0.0.0/8 prefix-length=0-32 chain=MyOwnAS
add action=accept prefix=2.0.0.0/8 prefix-length=0-32 chain=MyTransitCustomerAS

If someone is kind enough to help me with the migration I would appreciate it very much.

This is what I've tried, but I'm not sure if it's right? And as I say, I need help with sections 2 and 3 to use the match-chain rule.

/routing/filter/rule

# section 1
add chain=MyTransitProvider-IN rule="if (dst==0.0.0.0/0 && protocol static) { accept }"
add chain=MyTransitProvider-IN rule="if (dst==::/0 && protocol static) { accept }"

# section 2
help!
# section 3
help!

# section 4
add chain=MyOwnAS rule="if (dst-len>0 && dst-len<32 && dst in 1.0.0.0/8) { accept }"
add chain=MyTransitCustomerAS rule="if (dst-len>0 && dst-len<32 && dst in 2.0.0.0/8) { accept }"

Thank you very much in advance!
 
aleksis
just joined
Posts: 8
Joined: Wed Apr 30, 2014 12:13 pm

Re: Help migrating filter rules from v6 to v7

Mon Oct 11, 2021 10:43 am

You can match chain like this:
add chain=MyTransitCustomer-IN rule="if (chain MyTransitCustomerAS) { set bgp-local-pref 300; set distance 10; accept; }"
 
jmginer
Member Candidate
Member Candidate
Topic Author
Posts: 141
Joined: Tue Dec 11, 2012 4:56 am
Contact:

Re: Help migrating filter rules from v6 to v7

Mon Oct 11, 2021 6:08 pm

Discard rules doesn't work?
/routing filter rule add chain=DECIX-IN rule="discard"
failure: "[Word {discard}]" - unknown action name

In my opinion, the documentation out there is very poor regarding the radical change with filters in v7.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 6349
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: Help migrating filter rules from v6 to v7

Mon Oct 11, 2021 6:24 pm

ROS v7 doesn't have "discard" action.

Who is online

Users browsing this forum: Amazon [Bot], doush, vaka and 6 guests