Community discussions

MikroTik App
 
maaathieu
just joined
Topic Author
Posts: 3
Joined: Mon Aug 12, 2019 5:12 pm

bgp filter problem

Wed Apr 06, 2022 1:24 pm

Hi

Since ros v7.1, I have a problem with a bgp filter concerning the bogon list that I receive from team cymru.

My filter looks like this:
 1   chain=cymru-in rule="if ( bgp-communities includes 65332:888 ) { set blackhole yes; accept;} else { reject;}"
but the routes are not blackholed, for example:
 Fb   afi=ip4 contribution=filtered dst-address=23.135.225.0/24 routing-table=main gateway=38.229.6.20 immediate-gw=1.2.3.4%ether5_832 distance=20 scope=40 
       target-scope=30 belongs-to="BGP IP routes from 38.229.6.20" 
       bgp.peer-cache-id=*B000004 .as-path="65332" .communities=65332:888,no-export .atomic-aggregate=no .origin=igp 
       debug.fwp-ptr=0x20282360 
If I append a ramdom community before this rule, like this:
 0   chain=cymru-in rule="append bgp-communities 1:1" 

 1   chain=cymru-in rule="if ( bgp-communities includes 65332:888 ) { set blackhole yes; accept;} else { reject;}" 
then it works:
 Ab B afi=ip4 contribution=active dst-address=23.135.225.0/24 routing-table=main immediate-gw="" distance=20 scope=40 target-scope=30 
       belongs-to="BGP IP routes from 38.229.6.20" 
       bgp.peer-cache-id=*B000004 .as-path="65332" .communities=1:1,no-export,65332:888 .atomic-aggregate=no .origin=igp 
       debug.fwp-ptr=0x202823C0 

Am I doing something wrong, or is this a bug ?

Thanks,

Mat

Who is online

Users browsing this forum: No registered users and 2 guests