add strip-private-asns

README.md

@@ -116,10 +116,6 @@ objects will not have sessions of that address family configured.
 
 bcg uses RFC 8092 BGP Large Communities
 
-#### Private ASNs
-
-bcg strips private ASNs before exporting to upstream sessions in range `[64512..65534, 4200000000..4294967294]`.
-
 #### "Peerlock Lite"
 
 Peers with type `peer` or `downstream` reject any route with a Tier 1 ASN in
@@ -182,6 +178,7 @@ path ([Peerlock Lite](https://github.com/job/peerlock)).
 | export-default | Should a default route be sent over the session? (default false)                                            |
 | no-specifics | Don't send specific routes (default false, make sure to enable export-default or else no routes will be exported) |
 | allow-blackholes | Accept community (ASN,0,666) to blackhole /32 and /128 prefixes |
+| strip-private-asns | Should private ASNs be stripped from path before exporting? (in range `[64512..65534, 4200000000..4294967294]`) |
 
 <details>
 <summary>Remarks</summary>

parser.go

@@ -28,29 +28,30 @@ var release = "devel" // This is set by go build
 
 // Peer contains all information specific to a single peer network
 type Peer struct {
-	Asn             uint     `yaml:"asn" toml:"ASN" json:"asn"`
-	Type            string   `yaml:"type" toml:"Type" json:"type"`
-	Prepends        uint     `yaml:"prepends" toml:"Prepends" json:"prepends"`
-	LocalPref       uint     `yaml:"local-pref" toml:"LocalPref" json:"local-pref"`
-	Multihop        bool     `yaml:"multihop" toml:"Multihop" json:"multihop"`
-	Passive         bool     `yaml:"passive" toml:"Passive" json:"passive"`
-	Disabled        bool     `yaml:"disabled" toml:"Disabled" json:"disabled"`
-	Password        string   `yaml:"password" toml:"Password" json:"password"`
-	Port            uint16   `yaml:"port" toml:"Port" json:"port"`
-	PreImport       string   `yaml:"pre-import" toml:"PreImport" json:"pre-import"`
-	PreExport       string   `yaml:"pre-export" toml:"PreExport" json:"pre-export"`
-	NeighborIps     []string `yaml:"neighbors" toml:"Neighbors" json:"neighbors"`
-	ImportLimit4    uint     `yaml:"import-limit4" toml:"ImportLimit4" json:"import-limit4"`
-	ImportLimit6    uint     `yaml:"import-limit6" toml:"ImportLimit6" json:"import-limit6"`
-	SkipFilter      bool     `yaml:"skip-filter" toml:"SkipFilter" json:"skip-filter"`
-	RsClient        bool     `yaml:"rs-client" toml:"RSClient" json:"rs-client"`
-	RrClient        bool     `yaml:"rr-client" toml:"RRClient" json:"rr-client"`
-	Bfd             bool     `yaml:"bfd" toml:"BFD" json:"bfd"`
-	EnforceFirstAs  bool     `yaml:"enforce-first-as" toml:"EnforceFirstAS" json:"enforce-first-as"`
-	SessionGlobal   string   `yaml:"session-global" toml:"SessionGlobal" json:"session-global"`
-	ExportDefault   bool     `yaml:"export-default" toml:"ExportDefault" json:"export-default"`
-	NoSpecifics     bool     `yaml:"no-specifics" toml:"NoSpecifics" json:"no-specifics"`
-	AllowBlackholes bool     `yaml:"allow-blackholes" toml:"AllowBlackholes" json:"allow-blackholes"`
+	Asn              uint     `yaml:"asn" toml:"ASN" json:"asn"`
+	Type             string   `yaml:"type" toml:"Type" json:"type"`
+	Prepends         uint     `yaml:"prepends" toml:"Prepends" json:"prepends"`
+	LocalPref        uint     `yaml:"local-pref" toml:"LocalPref" json:"local-pref"`
+	Multihop         bool     `yaml:"multihop" toml:"Multihop" json:"multihop"`
+	Passive          bool     `yaml:"passive" toml:"Passive" json:"passive"`
+	Disabled         bool     `yaml:"disabled" toml:"Disabled" json:"disabled"`
+	Password         string   `yaml:"password" toml:"Password" json:"password"`
+	Port             uint16   `yaml:"port" toml:"Port" json:"port"`
+	PreImport        string   `yaml:"pre-import" toml:"PreImport" json:"pre-import"`
+	PreExport        string   `yaml:"pre-export" toml:"PreExport" json:"pre-export"`
+	NeighborIps      []string `yaml:"neighbors" toml:"Neighbors" json:"neighbors"`
+	ImportLimit4     uint     `yaml:"import-limit4" toml:"ImportLimit4" json:"import-limit4"`
+	ImportLimit6     uint     `yaml:"import-limit6" toml:"ImportLimit6" json:"import-limit6"`
+	SkipFilter       bool     `yaml:"skip-filter" toml:"SkipFilter" json:"skip-filter"`
+	RsClient         bool     `yaml:"rs-client" toml:"RSClient" json:"rs-client"`
+	RrClient         bool     `yaml:"rr-client" toml:"RRClient" json:"rr-client"`
+	Bfd              bool     `yaml:"bfd" toml:"BFD" json:"bfd"`
+	EnforceFirstAs   bool     `yaml:"enforce-first-as" toml:"EnforceFirstAS" json:"enforce-first-as"`
+	SessionGlobal    string   `yaml:"session-global" toml:"SessionGlobal" json:"session-global"`
+	ExportDefault    bool     `yaml:"export-default" toml:"ExportDefault" json:"export-default"`
+	NoSpecifics      bool     `yaml:"no-specifics" toml:"NoSpecifics" json:"no-specifics"`
+	AllowBlackholes  bool     `yaml:"allow-blackholes" toml:"AllowBlackholes" json:"allow-blackholes"`
+	StripPrivateASNs bool     `yaml:"strip-private-asns" toml:"StripPrivateASNs" json:"strip-private-asns"`
 
 	AsSet      string   `yaml:"-" toml:"-" json:"-"`
 	QueryTime  string   `yaml:"-" toml:"-" json:"-"`
@@ -537,6 +538,7 @@ func main() {
 		log.Infof("[%s] export-default: %v", peerName, peerData.ExportDefault)
 		log.Infof("[%s] no-specifics: %v", peerName, peerData.NoSpecifics)
 		log.Infof("[%s] allow-blackholes: %v", peerName, peerData.AllowBlackholes)
+		log.Infof("[%s] strip-private-asns: %v", peerName, peerData.StripPrivateASNs)
 
 		// Check for additional options
 		if peerData.AsSet != "" {

templates/peer.tmpl

@@ -94,6 +94,11 @@ protocol bgp {{ $peer.Name }}v{{ $af }}_{{ $i }} {
 
         export filter {
             {{ $peer.PreExport }}
+
+            {{ if $peer.StripPrivateASNs }}
+            bgp_path.delete([64512..65534, 4200000000..4294967294]); # Strip private ASNs
+            {{ end }}
+
             {{ if or $global.OriginSet4 $global.OriginSet6 -}}
             accept_local(); # Originated
             process_prepends();