帮助我们改善您的体验。

让我们了解您的想法。

您是否能抽出两分钟的时间完成一份问卷调查?

Announcement: Try the Ask AI chatbot for answers to your technical questions about Juniper products and solutions.

close
header-navigation

Solutions

Featured solutions AI Campus and branch Data center WAN Security Service provider Cloud operator Industries
Campus and Branch

Welcome to the NOW Way to Wi-Fi

Take your networking performance to new heights with a modern, cloud-native, AI-Native architecture. Only Juniper can help you unleash the full potential of Wi-Fi 7 with our AI-Native platform for innovation.
Prepare for liftoff
Business intelligence analyst dashboard on virtual screen. Big data Graphs Charts.

AI Data Center Networking

Juniper’s AI data center solution is a quick way to deploy high performing AI training and inference networks that are the most flexible to design and easiest to manage with limited IT resources.
Find out more
Enterprise AI-Native Networking

Enterprise AI‑Native Routing

Juniper's Ai-Native routing solution delivers robust 400GbE and 800GbE capabilities for unmatched performance, reliability, and sustainability at scale.
Explore enterprise routing
Zero trust security

Ops4AI Lab

Visit our lab in Sunnyvale, CA and see our AI data center solution for yourself. You can try out your own model’s functionality and performance, too.
Visit the lab
Enterprise AI-Native Networking

Enterprise AI‑Native Routing

Juniper's Ai-Native routing solution delivers robust 400GbE and 800GbE capabilities for unmatched performance, reliability, and sustainability at scale.
Explore enterprise routing
Higher Education

Shaping Student Experiences: The NOW Way to Build Higher Education Networks

Juniper Networks CIO Sharon Mandell and a virtual summit of C-level IT leaders from prestigious institutions discuss ongoing efforts to support digital transformation on campus.
Watch now
Hand on tablet with healthcare overlay of graphics

Security in healthcare

In this IDC Spotlight report, discover how AI networking can automate and strengthen a healthcare ecosystem to defeat criminals and prevent loss. 
Gain insights into ecosystem security
Retail

The Future of In-Store Technologies

Retail experts Kevin McCartan, Senior IT Service Delivery Engineer at Musgrave; Jack Stratten of Insider Trends; and Christian Gilby, Senior Director of Product Marketing at Juniper Networks, discuss customer experiences.
See the future

Products

Wireless access Wired access SD-WAN / SASE Routing and switching Security Mist AI™ Management software Network operating system Blueprint for AI-Native Acceleration Optics
  • Operations
ACX7020 router

Juniper ACX7020 Cloud Metro Access Router

Legacy networks simply cannot meet the demands of today’s rapidly evolving metro landscape. Unlock a new generation of highly scalable architectures and automated operations with the Juniper ACX7020. 
Learn more
EX4000 Ethernet Switch

Next-gen AI-Native EX4000 line of switches

Lack of AI innovation from your current networking vendor slowing you down? Embrace Juniper’s cloud-native, AI-Native access switches that support every level and layer, across nearly every deployment.
Discover how
The Q and AI text with an image of Bob Friday and Kedar Dhuru.

The Q&AI Podcast

Delivering practical solutions and enriching discussions, this podcast series is a vital resource for those seeking an in-depth exploration of AI's transformative potential.
Catch the latest episode

Services

Services
Services AI Care

Juniper AI Care Services Revolutionize Your Service Experience

Our industry-first AI-Native services couple AIOps with our deep expertise across the full network life cycle. You can move from reactive response to proactive insight and action.
Explore AI Care Services
Services AI Data Center

Juniper AI Data Center Deployment Services Optimize Your AI Model Runs

We use our expertise and validated designs to help design, deploy, validate and tune networks, including GPUs and storage, to get the most from your AI infrastructure operation.
Learn about AI Data Center Deployment Services

Partners

Partners

Support and Documentation

Support and Documentation

Learn

About Juniper Training Events The Feed Resources Technology learning topics Thought leadership and insights
Audience raising hands up while businessman is speaking in training at the office.

Juniper certification and training news

See the latest
Ringing of the bell

All global events

See the latest
AI-native-now

AI-Native NOW event series

Explore events
AINN AI Innovation Impact Virtual Event

AI-Native NOW: AI Innovation and Impact

Register NOW
Juniper's Christina Hendrix at the head of a conference table. With the text "The NOW Way to Network" overlayed, with "NOW" emphasizing the "O" in green color.

The NOW Way to Network

Watch the video series
AI Native Now

Executive insights

Dive deep with leading experts and thought leaders on all the topics that matter most to your business, from AI to network security to driving rapid, relevant transformation for your business.
Learn more
A keynote speaker giving a presentation at a conference. There are dozens of people sitting around them. The presentation is displayed via projector on all the walls in the room.

Leadership voices

Juniper Networks’ leaders operate on the front lines of creating the network of the future. Take a look around to see what’s on their minds.
Watch now
Bob Friday and Jessica Garrison speaking

Bob Friday Talks

Join Bob as he ventures into all the knowns -- and -- unknowns -- of AI.
Catch the latest episode
Documentation
Menu
License Guide
Quick Starts
Validated Designs
Explore Pathfinder Apps
CLI Explorer
Feature Explorer
Hardware Compatibility Tool
Port Checker
Browse All
Collapse

Pathfinder Apps

All

By Software

By Hardware

Learn More
Pathfinder HomeCLI ExplorerCompliance AdvisorFeature ExplorerHardware Compatibility ToolJunos XML API ExplorerJunos YANG Data Model ExplorerPort CheckerPower CalculatorSNMP MIB ExplorerSystem Log Explorer
CLI ExplorerFeature ExplorerJunos XML API ExplorerJunos YANG Data Model ExplorerSNMP MIB ExplorerSystem Log Explorer
Compliance AdvisorFeature ExplorerHardware Compatibility ToolPort CheckerPower Calculator
Home Documentation Junos OS 路由策略、防火墙过滤器和流量监管器用户指南 了解和配置 Junos 路由策略 将 AS 路径配置为匹配条件

路由策略、防火墙过滤器和流量监管器用户指南

keyboard_arrow_up
close
keyboard_arrow_left
路由策略、防火墙过滤器和流量监管器用户指南
Table of Contents Expand all
list Table of Contents
在本页
keyboard_arrow_right

机器翻译对您有帮助吗?

starstarstarstarstar
Go to English page
免责声明:

我们将使用第三方机器翻译软件翻译本页面。瞻博网络虽已做出相当大的努力提供高质量译文,但无法保证其准确性。如果对译文信息的准确性有任何疑问,请参阅英文版本. 可下载的 PDF 仅提供英文版.

提高 BGP 策略中 AS 路径查找的性能

date_range 18-Jan-25
arrow_backward
arrow_forward

不带正则表达式的 BGP 策略中的 AS 路径查找概述

使用 BGP AS 路径和路由策略匹配条件时,您可以将 BGP 策略配置为检查 AS 路径中的自治系统 (AS) 匹配,而无需使用正则表达式。BGP 策略将 AS 与 AS 列表或 AS 列表组进行比较,如果找到匹配项,则返回 true。您可以配置 BGP 策略以检查匹配的源、邻居或中转 AS。与使用正则表达式相比,此功能提供了一种更快的替代方法来匹配源、中转和对等 AS 编号。

在 BGP 策略中不使用正则表达式的 AS 路径的优势:

  • 优化了对源、邻居、中转 AS 的查找,提高了性能。
  • 在速度方面提供更快的查找。

支持以下操作来匹配 AS 路径中的 AS:

  • 匹配 AS 路径中的始发 AS — 比较发起路由的 AS。评估 AS 路径上最右侧的 AS 编号是否属于as-list层次结构级别的配置语句[edit policy-options policy-statement policy-name from]as-path-origins指定的或as-list-group。如果路由已聚合,并且始发 AS 的位置包含 AS 集,as-path-origins则如果 AS 集中包含的任何 AS 属于as-list配置语句中as-path-origins指定的或as-list-group,则操作员的计算结果为 true。

  • 匹配 AS 路径中的邻接方 AS — 比较 AS 路径中的邻接方 AS。评估 AS 路径上的第一个 AS 编号是否与层次结构级别的[edit policy-options policy-statement policy-name from]配置语句中as-path-neighbors指定的或as-list-group匹配as-list。如果相邻的 AS 位置恰好是 AS 集,as-path-neighbors那么当 AS 集中包含的任何 AS 属于配置as-list语句中as-path-neighbors指定的或as-list-group时,操作员的计算结果为 true。

  • 匹配 AS 路径中的中转 AS — 比较 AS 路径中的任何 AS。评估任何 AS 何时属于as-listas-list-group层次结构级别的配置语句[edit policy-options policy-statement policy-name from]as-path-transit指定。对于 AS 集,as 路径传输运算符会比较 AS 集中的所有 AS。

在不使用正则表达式的情况下配置 AS 路径查找

您可以通过为源、邻接方和中转 AS 定义 AS 列表或 AS 列表组来配置 AS 路径查找,并在不使用正则表达式的情况下过滤路由。

下表显示了基于正则表达式的通用匹配配置以及执行时间更快的等效匹配。

匹配类型 基于正则表达式的通用匹配 等效匹配,执行时间更快
同辈 将策略选项设置为路径对等匹配“^101.*” 设置策略选项作为列表对等匹配成员 101
通过 将策略选项设置为路径传输匹配“.*61453.*10001.*40007$” 将策略选项设置为列表传输匹配成员 61453
起源 将策略选项设置为路径源匹配“.*54367$” 将策略选项设置为列表原点匹配成员 54367

以下示例配置显示了如何为源、邻居和中转 AS 定义 AS 列表 (as-list as-list-name),以及如何在不使用正则表达式的情况下使用策略过滤路由:

步骤 1:定义用于匹配源、邻居和中转 AS 的 AS 列表,并将其应用为过滤器以使用策略过滤路由。

content_copy zoom_out_map
set policy-options as-list origin-match members 54367
set policy-options as-list neighbor-match members 101
set policy-options as-list transit-match members 61453
set policy-options as-list transit-match members 10001
注:

您还可以为匹配源、邻居和中转 AS 定义 AS 列表组 (as-list-group group-name),以使用策略过滤路由。以下是定义 AS 列表组以匹配源 AS 的示例配置,以使用策略过滤路由:

content_copy zoom_out_map
set policy-options as-list-group origin_group as-list origin-match-1 members 3-4
set policy-options as-list-group origin_group as-list origin-match-2 members 6-9
set policy-options policy-statement neighbor-accept term 1 from as-path-origins as-list-group origin_group
set policy-options policy-statement neighbor-accept term 1 then accept
set policy-options policy-statement neighbor-accept term 2 then reject
注:

匹配源、邻居和传输 AS 的 AS 列表组可以是 AS 成员(例如 101)或一系列 AS 成员(例如 6-9)。在这种情况下,将匹配源自 6、7、8、9 的所有路由。

如果使用一系列 AS 成员(从开始到完成),则 as 开始成员值应小于或等于完成成员值。AS 成员或 AS 成员范围(从开始到结束)不能为 0。

as-listas-list-group定义 AS 集。

对源和邻接方执行 AS 集查找时,将匹配 AS 路径中的第一个或最后一个 AS。对于传输,AS 路径上可能有多次迭代来执行 AS 集查找。

步骤 2:配置策略以基于源、邻居和中转 AS 匹配和过滤路由。

content_copy zoom_out_map
set policy-options policy-statement as-list-match term transit-match from as-path-transits as-list transit-match
set policy-options policy-statement as-list-match term transit-match then local-preference 300
set policy-options policy-statement as-list-match term transit-match then accept
set policy-options policy-statement as-list-match term origin-match from as-path-origins as-list origin-match
set policy-options policy-statement as-list-match term origin-match then local-preference 400
set policy-options policy-statement as-list-match term origin-match then accept
set policy-options policy-statement as-list-match term neighbor-match from as-path-neighbors as-list peer-match
set policy-options policy-statement as-list-match term peer-match then local-preference 200
set policy-options policy-statement as-list-match term peer-match then accept

步骤 3:定义本地自治系统。

content_copy zoom_out_map
set routing-options autonomous-system 100

步骤 4:将策略应用为 BGP 导入策略以筛选路由。

content_copy zoom_out_map
set protocols bgp group ebgp-1 type external
set protocols bgp group ebgp-1 import as-list-match
set protocols bgp group ebgp-1 family inet unicast
set protocols bgp group ebgp-1 neighbor 192.168.1.2 peer-as 101
set protocols bgp group ebgp-1 neighbor 192.168.1.6 peer-as 102
注:

此策略可作为导入或导出策略应用,以筛选路由以执行策略中定义的相应操作。

您可以使用 show route CLI 命令查看路由表中的路由。

注:

from 子句匹配条件中的配置语句出现在两个 [edit policy-options policy-statement policy-name from] 级别和 [edit policy-options policy-statement policy-name term term-name from] 层次结构级别中。

arrow_backward PREVIOUS 示例:在 BGP 中通告多条路径
NEXT arrow_forward 将 BGP 社区、扩展社区和大型社区理解为路由策略匹配条件
footer-navigation

© 1999 - 2025 Juniper Networks, Inc. All rights reserved.

Scroll to top