Extracting BGP info with regular expressions
A reader recently asked for some handy regular expressions for extracting useful information from BGP tables and outputs. Following are a few that I came up with. If you have any more please send them in or leave a comment!
To find all subnets originating from AS 100 (AS path ends with 100):
Router# show ip bgp regexp _100$ ... Network Next Hop Metric LocPrf Weight Path * 10.1.0.0/30 172.16.0.6 0 300 100 ? *> 172.16.0.1 0 0 100 ? * 172.16.0.0/30 172.16.0.6 0 300 100 ? * 172.16.0.1 0 0 100 ? ...
To find all subnets reachable via AS 100 (AS path begins with 100):
Router# show ip bgp regexp ^100_ ... Network Next Hop Metric LocPrf Weight Path *> 10.1.0.0/30 172.16.0.1 0 0 100 ? * 10.3.0.0/30 172.16.0.1 0 100 300 ? * 172.16.0.0/30 172.16.0.1 0 0 100 ? *> 172.16.0.8/30 172.16.0.1 0 0 100 ? ...
To find all routes traversing AS 100:
Router# show ip bgp regexp _100_ ... Network Next Hop Metric LocPrf Weight Path * 10.1.0.0/30 172.16.0.6 0 300 100 ? *> 172.16.0.1 0 0 100 ? * 10.3.0.0/30 172.16.0.1 0 100 300 ? * 172.16.0.0/30 172.16.0.6 0 300 100 ? ...
If you need to further filter the output, use quote-regexp instead. For example, to find all 172.x.x.x routes originating from AS 100:
Router# show ip bgp quote-regexp "_100$" | include ^. 172\. * 172.16.0.0/30 172.16.0.6 0 300 100 ? * 172.31.0.1/32 172.16.0.6 0 300 100 ?
Or, to find all subnets currently being reached via AS 100:
Router# show ip bgp quote-regexp "^100_" | i ^.> *> 10.1.0.0/30 172.16.0.1 0 0 100 ? *> 172.16.0.8/30 172.16.0.1 0 0 100 ? *> 172.31.0.1/32 172.16.0.1 0 0 100 ?
Unfortunately, Cisco's implementation of regular expressions is rather crippled. For (much) more advanced functionality, consider using Tcl scripting.
Posted in Tips and Tricks
