Extracting BGP info with regular expressions

By stretch | Saturday, May 10, 2008 at 11:54 a.m. UTC

A reader recently asked for some handy regular expressions for extracting useful information from BGP tables and outputs. Following are a few that I came up with. If you have any more please send them in or leave a comment!

To find all subnets originating from AS 100 (AS path ends with 100):

Router# show ip bgp regexp _100$
...
   Network          Next Hop            Metric LocPrf Weight Path
*  10.1.0.0/30      172.16.0.6                             0 300 100 ?
*>                  172.16.0.1               0             0 100 ?
*  172.16.0.0/30    172.16.0.6                             0 300 100 ?
*                   172.16.0.1               0             0 100 ?
...

To find all subnets reachable via AS 100 (AS path begins with 100):

Router# show ip bgp regexp ^100_
...
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.1.0.0/30      172.16.0.1               0             0 100 ?
*  10.3.0.0/30      172.16.0.1                             0 100 300 ?
*  172.16.0.0/30    172.16.0.1               0             0 100 ?
*> 172.16.0.8/30    172.16.0.1               0             0 100 ?
...

To find all routes traversing AS 100:

Router# show ip bgp regexp _100_
...
   Network          Next Hop            Metric LocPrf Weight Path
*  10.1.0.0/30      172.16.0.6                             0 300 100 ?
*>                  172.16.0.1               0             0 100 ?
*  10.3.0.0/30      172.16.0.1                             0 100 300 ?
*  172.16.0.0/30    172.16.0.6                             0 300 100 ?
...

If you need to further filter the output, use quote-regexp instead. For example, to find all 172.x.x.x routes originating from AS 100:

Router# show ip bgp quote-regexp "_100$" | include ^.  172\.
*  172.16.0.0/30    172.16.0.6                             0 300 100 ?
*  172.31.0.1/32    172.16.0.6                             0 300 100 ?

Or, to find all subnets currently being reached via AS 100:

Router# show ip bgp quote-regexp "^100_" | i ^.> 
*> 10.1.0.0/30      172.16.0.1               0             0 100 ?
*> 172.16.0.8/30    172.16.0.1               0             0 100 ?
*> 172.31.0.1/32    172.16.0.1               0             0 100 ?

Unfortunately, Cisco's implementation of regular expressions is rather crippled. For (much) more advanced functionality, consider using Tcl scripting.

About the Author

Jeremy Stretch is a freelance networking engineer, instructor, and the maintainer of PacketLife.net. He currently lives in Fairfax, Virginia, on the edge of the Washington, DC metro area. Although primarily an R&S guy, he likes to get into everything, and runs a free network training lab out of his basement for fun. You can contact him by email or follow him on Twitter.

Posted in Tips and Tricks

Comments

Xboy_mr commented on Tuesday, May 10, 2011 at 5:33 p.m. UTC

جرمی، این ها دیگه چیه مینویسی؟ قبلا ها چیزای باحال تری می نوشتی.
دمت گرم

ioio commented on Sunday, May 6, 2012 at 12:38 p.m. UTC

excellent cheers

Leave a Comment


Register to comment as a member. You'll look cooler.

Optional; will not be displayed publicly or given out.

No commercial links. Only personal (e.g. blog, Twitter, or LinkedIn) and/or on-topic links, please.
What is the decimal equivalent of 0x5F0E?