Using RegEx to Remove AS Numbers from BGP AS-Path Attribute

Overview

There are different attributes that determine how BGP chooses the path to reach a prefix/network. Network engineers can influence these attributes to match their network requirements. This document describes how to manipulate the AS_path (autonomous path) attribute using regular expressions.

For this document, the example objective is for the Palo Alto Networks firewall to prefer the path through ISP_2 to reach the 172.30.2.0/23 network. We can achieve this by removing AS numbers 200 and 400 from the AS_path learned from ISP_2 for this prefix.

Network Scenario

The following topology will be used for this document:

A screenshot of a cloud network AI-generated content may be incorrect.

Steps

Go to Network > Virtual Routers and select the appropriate router
Next, go to BGP > Import
Enter a rule name, enable the rule, and select the appropriate eBGP peer
In the match tab, enter (200|400) for the regex expression and 172.30.2.0/23 for the address prefix to modify its AS_Path.
Note: To modify the AS_Path for all prefixes, leave the address prefix tab blank.
In the Action tab, set Action to 'Allow' and select the 'Remove' radio button to remove the AS paths.
Press OK and the Import rule should look like the following:

Note: If the configuration is committed at this point, the desired AS_paths would be removed but only the 172.30.2.0/23 prefix would be imported from the eBGP peer.
There is an implicit deny rule that is triggered once any rules are created in the export or import tabs (the same is true for OSPF export). Add an allow rule to make sure you are importing other prefixes. The Import tab should now appear like the following:
Commit and verify