RE: "Tactical" /24 announcements

["Jakob Heitz \(jheitz\) via NANOG" <nanog () nanog org>]

Saku,

The feature is in 7.2.1. The documentation has not made it to the
command reference.

There is no expansion to prefix-set. The command checks the origin-AS
in the route. You should confirm the origin-AS with the prefix
using RPKI and/or another route-policy statement.
This way the final route-policy configuration will be much smaller.

I'm happy to answer more questions or requests for improvement
on or off list.

Regards,
Jakob.

-----Original Message-----
From: Saku Ytti <saku () ytti fi> 
Sent: Saturday, August 14, 2021 11:11 PM
To: Jakob Heitz (jheitz) <jheitz () cisco com>
Cc: nanog () nanog org
Subject: Re: "Tactical" /24 announcements

Hey Jakob,

Is there documentation for this somewhere? Are you saying that the
IOS-XR host will connect to some (configured?) server to expand the
as-set, and at what time? Commit time? Once every N?

On Sun, 15 Aug 2021 at 04:50, Jakob Heitz (jheitz) via NANOG
<nanog () nanog org> wrote:
> Ytti,
>
> We have introduced the scalable as-set into the XR route policy language.
> as-path-set does not scale well with 1000's of ASNs.
> Now, you don't need to expand AS-SET into prefix-set, just enter it directly.
> Example:
> as-set test
>   2914,
>   3356,
> end-set
> !
> route-policy sample
>   if as-path originates-from test then
>     pass
>   endif
> end-policy
>
> If this does not meet your needs and you need improvements, let me know.
>
> Kind Regards,
> Jakob.
>
> -------------------------------------------------------------
> Date: Mon, 9 Aug 2021 19:10:23 +0300
> From: Saku Ytti <saku () ytti fi>
>
> We just recently learned of a IOS-XR prefix-set limit of 300001 when a
> particular customer AS-SET expanded to a higher number of prefixes.
>
> --
>   ++ytti


-- 
  ++ytti