"Tactical" /24 announcements

Jakob Heitz (jheitz) jheitz at cisco.com
Mon Aug 16 14:58:38 UTC 2021


The feature is in 7.2.1. The documentation has not made it to the
command reference.

There is no expansion to prefix-set. The command checks the origin-AS
in the route. You should confirm the origin-AS with the prefix
using RPKI and/or another route-policy statement.
This way the final route-policy configuration will be much smaller.

I'm happy to answer more questions or requests for improvement
on or off list.


-----Original Message-----
From: Saku Ytti <saku at ytti.fi> 
Sent: Saturday, August 14, 2021 11:11 PM
To: Jakob Heitz (jheitz) <jheitz at cisco.com>
Cc: nanog at nanog.org
Subject: Re: "Tactical" /24 announcements

Hey Jakob,

Is there documentation for this somewhere? Are you saying that the
IOS-XR host will connect to some (configured?) server to expand the
as-set, and at what time? Commit time? Once every N?

On Sun, 15 Aug 2021 at 04:50, Jakob Heitz (jheitz) via NANOG
<nanog at nanog.org> wrote:
> Ytti,
> We have introduced the scalable as-set into the XR route policy language.
> as-path-set does not scale well with 1000's of ASNs.
> Now, you don't need to expand AS-SET into prefix-set, just enter it directly.
> Example:
> as-set test
>   2914,
>   3356,
> end-set
> !
> route-policy sample
>   if as-path originates-from test then
>     pass
>   endif
> end-policy
> If this does not meet your needs and you need improvements, let me know.
> Kind Regards,
> Jakob.
> -------------------------------------------------------------
> Date: Mon, 9 Aug 2021 19:10:23 +0300
> From: Saku Ytti <saku at ytti.fi>
> We just recently learned of a IOS-XR prefix-set limit of 300001 when a
> particular customer AS-SET expanded to a higher number of prefixes.
> --
>   ++ytti


More information about the NANOG mailing list