BGP regex examples for filtering AS_PATHS Here are good ones: .* Matches anything .+ Match at least one character ^$ Match routes local to this AS _1800$ Originated by 1800 ^1800_ Received from 1800 _1800_ Via 1800 _790_1800_ Passing through 1800 then 790 _(1800_)+ Match at least one of 1800 in sequence _\(65350\)_ Via 65350 (confederation AS) ^[0-9]+$ Match AS_PATH length of one ^[0-9]+_[0-9]+$ Match AS_PATH length of two ^[0-9]*_[0-9]+$ Match AS_PATH length of one or two ^[0-9]*_[0-9]*$ Match AS_PATH length of one or two, and will also match zero ^[0-9]+_[0-9]+_[0-9]+$ Match AS_PATH length of three _(701|1800)_ Match anything which has gone through AS701 or AS1800 _1849(_.+._)12163$ Match anything of origin AS12163 and passed through AS1849 --------------------------------------------------------------------------------------------- !x router bgp EEE neighbor X.Y.Z.U prefix-list pfx-FILTER in ip prefix-list pfx-FILTER seq 5 deny A.B.C.D/22 !deny abcd/22 ip prefix-list pfx-FILTER seq 10 permit 0.0.0.0/0 le 32 !permit anything else ! pfx-FILTER denys that network A.B.C.D/22 is learned of the bgp neighbour X.Y.Z.U. ! --------------------------------------------------------------------------------------------- router bgp BBB neighbor X.Y.Z.U prefix-list pfx-FILTER out ! ! neighbor 157.161.190.193 filter-list 1 out ! AS-Filter-List ip prefix-list pfx-FILTER seq 5 deny A.B.C.D/22 !deny abcd/22 ip prefix-list pfx-FILTER seq 10 permit 0.0.0.0/0 le 32 !permit anything else ! ip as-path access-list 1 permit ^$ ! Filter only allows updates origination from local ! AS ! pfx-FILTER denys that network A.B.C.D/22 is propagated to the bgp neighbour X.Y.Z.U. --------------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------------