We all know the lovely routing daemon called Bird. However, the official documentation can be a bit lacking and daunting. Here’s my collection of useful examples.
Useful commands
Show Tier 1 in path
bird> show route where bgp_path ~ [ 174, 209, 701, 702, 1239, 1299, 2914, 3257, 3320, 3356, 3549, 3561, 4134, 5511, 6453, 6461, 6762, 7018 ]
Shows all routes with Tier 1 ASNs in AS_PATH (adapted from here). Useful in combination with the “protocol <xyz>” filter to check whether your peering partner leaks transit routes.
Exact path matching
bird> show route where bgp_path ~ [= 174 60068 =] all
Shows all routes where the AS_PATH is exactly “174 60068”. Will not match “1234 174 60068” or “174 60068 1234”.
Path matching “starts with”
bird> show route where bgp_path ~ [= 174 60068 * =] all
Shows all routes where the AS_PATH starts with “174 60068”. Will not match “1234 174 60068”. Will match “174 60068 1234”.
Path matching “ends with”
bird> show route where bgp_path ~ [= * 174 60068 =] all
Shows all routes where the AS_PATH ends with “174 60068”. Will not match “174 60068 1234”. Will match “1234 174 60068”.
Path matching “contains”
bird> show route where bgp_path ~ [= * 174 60068 * =] all
Shows all routes where the AS_PATH contains “174 60068”. Will match “174 60068 1234”, “1234 174 60068”, “1234 174 60068 1234”.
Paths with a specific BGP next hop
bird> show route where bgp_next_hop = 1.2.3.4 all
Shows all routes where BGP.next_hop points at 1.2.3.4.
Example configurations
BGP communities
Adding new extended and large communities:
bgp_ext_community.add((rt,1234,567890));
bgp_large_community.add((123,456,789));
Matching on extended and large communities:
if ((123, 456, 789) ~ bgp_large_community) then ...;
if ((rt, 1234, 567890) ~ bgp_ext_community) then ...;
Stripping BGP large communities with wildcards:
bgp_large_community.delete([(123456, *, *)]);
Peering sanity
Rejecting RPKI invalid routes:
roa table master;
if roa_check(master, net, bgp_path.last) = ROA_INVALID then {
    print "Reject: INVALID RPKI route: ", net, " ", bgp_path;
    reject;
}
Don’t import routes which would be unreachable:
if dest = RTD_UNREACHABLE then reject;
Enforcing that peers don’t strip their ASN out of the path (6939 is an example peer ASN):
if (bgp_path.first != 6939) then reject;
Preventing overly long AS_PATHs:
if bgp_path.len > 64 then reject;
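The checks from this section assembled into one import filter and attached to a BGP session, as an added example rather than configuration from the original post. It uses the BIRD 1.x syntax of the snippets above; the names peer_in, r_roa and peer_example, the local ASN 64496 and the neighbor address 192.0.2.1 are assumptions, and the Tier 1 match from the show route command is reused here as a reject rule, which goes beyond how the post uses it.

```bird
# Added example (BIRD 1.x syntax). Assumed names and values: r_roa, peer_in,
# peer_example, local AS 64496, neighbor 192.0.2.1. 6939 is the example peer ASN.

# ROA table consulted by roa_check(); declared at top level, outside any filter.
roa table r_roa;

filter peer_in
{
  # Never import routes that would be unreachable.
  if dest = RTD_UNREACHABLE then reject;

  # Bound the AS_PATH length before any further path inspection.
  if bgp_path.len > 64 then {
    print "Reject: AS_PATH too long: ", net, " ", bgp_path;
    reject;
  }

  # The peer must not strip its own ASN: it has to be first in the path.
  if bgp_path.first != 6939 then {
    print "Reject: first ASN is not the peer: ", net, " ", bgp_path;
    reject;
  }

  # A peering partner should not hand over routes learned via a Tier 1
  # network; a match here indicates a transit leak.
  if bgp_path ~ [ 174, 209, 701, 702, 1239, 1299, 2914, 3257, 3320, 3356,
                  3549, 3561, 4134, 5511, 6453, 6461, 6762, 7018 ] then {
    print "Reject: Tier 1 ASN in path from peer: ", net, " ", bgp_path;
    reject;
  }

  # Origin validation against the ROA table, using the last ASN as origin.
  if roa_check(r_roa, net, bgp_path.last) = ROA_INVALID then {
    print "Reject: INVALID RPKI route: ", net, " ", bgp_path;
    reject;
  }

  accept;
}

protocol bgp peer_example {
  local as 64496;               # assumed local ASN (documentation range)
  neighbor 192.0.2.1 as 6939;   # assumed neighbor address
  import filter peer_in;
  export none;
}
```

Running `bird -p -c <file>` parses the configuration and exits, which catches syntax errors before the filter is loaded into a live daemon.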
Rob L
February 1, 2022 — 1:17 pm
Great!
I would add this: CLI command for finding all prefixes with a given large community:
To find matching: 64496:1000:1
show route where (bgp_large_community ~ [(64496, 1000, 1)])
or for a specific table:
show route table table_name where (bgp_large_community ~ [(64496, 1000, 1)])