From: Claudio Jeker <cjeker@diehard.n-r-g.com>
Subject: Re: BGPd "prepend-as" feature
To: dns@strangeloop.cc
Cc: tech@openbsd.org
Date: Wed, 20 May 2026 13:50:14 +0200

On Wed, May 20, 2026 at 11:13:49AM +0300, dns@strangeloop.cc wrote:
> Hi guys!
> 
> I thought I'd post this, been hanging around for awhile, just in case if any
> maintainer is interested. :)
> On my network, I "need" the ability to prepend a specific AS number for some
> routes so I made these additions.

Please explain why you need this. I don't want to add a way to modify
ASPATH with random AS numbers unless there is a very good reason.
Many route leaks come from such dangerous syntax options and people fat
fingering an ASN.
 
> TIA,
> Dennis
> OpenBSD (alpha) since 2001
> 
> --- rde_filter.c.orig	Fri Oct 20 22:39:00 2023
> +++ rde_filter.c	Thu Oct  3 21:46:12 2024
> @@ -125,6 +125,14 @@
>  			state->aspath.aspath = aspath_get(np, nl);
>  			free(np);
>  			break;
> +		case ACTION_SET_PREPEND_AS:
> +			prep_as = set->action.id;
> +			np = aspath_prepend(state->aspath.aspath, prep_as,
> +			    1, &nl);
> +			aspath_put(state->aspath.aspath);
> +			state->aspath.aspath = aspath_get(np, nl);
> +			free(np);
> +			break;
>  		case ACTION_SET_AS_OVERRIDE:
>  			if (from == NULL)
>  				break;
> @@ -609,6 +617,11 @@
>  			    a->action.prepend == b->action.prepend)
>  				continue;
>  			break;
> +		case ACTION_SET_PREPEND_AS:
> +			if (a->type == b->type &&
> +			    a->action.id == b->action.id)
> +				continue;
> +			break;
>  		case ACTION_SET_AS_OVERRIDE:
>  			if (a->type == b->type)
>  				continue;
> @@ -717,6 +730,8 @@
>  		return ("prepend-self");
>  	case ACTION_SET_PREPEND_PEER:
>  		return ("prepend-peer");
> +	case ACTION_SET_PREPEND_AS:
> +		return ("prepend-as");
>  	case ACTION_SET_AS_OVERRIDE:
>  		return ("as-override");
>  	case ACTION_SET_NEXTHOP:
> --- parse.y.orig	Wed May 20 10:24:41 2026
> +++ parse.y	Fri May  2 12:35:28 2025
> @@ -264,8 +264,8 @@
>  %token	ASPASET ROASET ORIGINSET OVS AVS EXPIRES
>  %token	ASSET SOURCEAS TRANSITAS PEERAS PROVIDERAS CUSTOMERAS MAXASLEN
> MAXASSEQ
>  %token	SET LOCALPREF MED METRIC NEXTHOP REJECT BLACKHOLE NOMODIFY SELF
> -%token	PREPEND_SELF PREPEND_PEER PFTABLE WEIGHT RTLABEL ORIGIN PRIORITY
> -%token	ERROR INCLUDE
> +%token	PREPEND_SELF PREPEND_PEER PREPEND_AS PFTABLE WEIGHT RTLABEL ORIGIN
> +%token	PRIORITY ERROR INCLUDE
>  %token	IPSEC ESP AH SPI IKE
>  %token	IPV4 IPV6 EVPN
>  %token	QUALIFY VIA
> @@ -3322,6 +3322,12 @@
>  			$$->type = ACTION_SET_PREPEND_SELF;
>  			$$->action.prepend = $2;
>  		}
> +		| PREPEND_AS NUMBER		{
> +			if (($$ = calloc(1, sizeof(struct filter_set))) == NULL)
> +				fatal(NULL);
> +			$$->type = ACTION_SET_PREPEND_AS;
> +			$$->action.id = $2;
> +		}
>  		| PREPEND_PEER NUMBER		{
>  			if ($2 < 0 || $2 > 128) {
>  				yyerror("bad number of prepends");
> @@ -3656,6 +3662,7 @@
>  		{ "prefix",		PREFIX },
>  		{ "prefix-set",		PREFIXSET },
>  		{ "prefixlen",		PREFIXLEN },
> +		{ "prepend-as",		PREPEND_AS},
>  		{ "prepend-neighbor",	PREPEND_PEER },
>  		{ "prepend-self",	PREPEND_SELF },
>  		{ "priority",		PRIORITY },
> --- bgpd.conf.5.orig	Wed May 20 10:28:10 2026
> +++ bgpd.conf.5	Tue Oct 28 13:52:52 2025
> @@ -2358,6 +2358,12 @@
>  times to the
>  .Em AS path .
>  .Pp
> +.It Ic prepend-as Ar number
> +Prepend AS
> +.Ar number
> +to the
> +.Em AS path .
> +.Pp
>  .It Ic rtlabel Ar label
>  Add the prefix to the kernel routing table with the specified
>  .Ar label .
> 

-- 
:wq Claudio