Doesn't use case construct at all, so there is something special, I think.
In OSPF, maybe, you can better use something like:
if net ~ [ 1.1.1.1/32, 2.2.2.2/32 ] then accept;
reject;
Вы писали 29 сентября 2016 г., 12:01:00:
|
Construction with single IP addresses passes syntax check, but filter does not work as expected – it passes all routes and does not filter anything. I have ugly workaround which works: filter permit_white { if net = 1.1.1.1/32 then { accept; } if net = 2.2.2.2/32 then { accept; } else { reject; } }
There are no examples on the internet with ‘case’ statement, seems the feature is rarely used and even implemented with some mistakes, isn’t it?
ROA table would be helpful, but if I understood this feature correctly, it is used for BGP, but in my case I use OSPF only.
------------------------------------------ Служба поддержки серверов Группа сетевого администрирования ДПП.УТП.СПС ЗАО ПФ «СКБ-Контур», Тел. +7 (343) 344-11-50 доб. 75352 e-mail: dc-...@skbkontur.ru
From: Василий Олейников [mailto:oleyniko...@ufanet.ru] Sent: Thursday, September 29, 2016 11:45 AM To: Войнович Андрей Александрович <andr...@skbkontur.ru> Cc: bird-users@network.cz Subject: Re: filter all prefixes except a few with 'case' control
It seems, that case doesn't work with prefix, only with single ip
As I see, this construct:
case net { 1.1.1.1:accept; 2.2.2.2:accept; else: reject; }
works fine.
Maybe, ROA table can help you to simplify config?
-- С уважением, Василий Олейников Системный администратор Отдел эксплуатации и развития магистральной сети Служба СПО ОАО "Уфанет" тел. +7 (347) 2-900-402 вн.3314 моб. +7 937 333 45 56 |
--
С уважением,
Василий Олейников
Системный администратор
Отдел эксплуатации и развития магистральной сети
Служба СПО ОАО "Уфанет"
тел. +7 (347) 2-900-402 вн.3314
моб. +7 937 333 45 56
