Perhaps s/bgp_path.last_nonaggregated/bgp_path.last/g

bgp_path.last is consistent with RFC 6907 7.1.9-11 according to BIRD
developers.

CHANGES.rst

@@ -121,7 +121,7 @@ Most of this release is based on the work made by `Claudio Jeker <https://github
 v0.19.1
 -------
 
-- Fix (BIRD configuration only): change ``bgp_path.last`` with ``bgp_path.last_nonaggregated``.
+- Fix (BIRD configuration only): change ``bgp_path.last`` with ``bgp_path.last``.
 
   When a route is originated from the aggregation of two different routes using the AS_SET, ``bgp_path.last`` always returns 0, so the origin ASN validation against IRR always fails.
 

examples/bird2_rpki_rtr/bird_v2.conf

@@ -384,7 +384,7 @@ function add_noexport_noadvertise(int peer_as) {
 
 # AS-SET for AS10745_1
 function origin_as_is_in_AS10745_1_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS10745_asns then
+	if bgp_path.last ~ AS_SET_AS10745_asns then
 		return true;
 	return false;
 }
@@ -423,7 +423,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {
@@ -570,7 +570,7 @@ protocol bgp AS10745_1 {
 
 # AS-SET for AS10745_2
 function origin_as_is_in_AS10745_2_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS10745_asns then
+	if bgp_path.last ~ AS_SET_AS10745_asns then
 		return true;
 	return false;
 }
@@ -609,7 +609,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {
@@ -760,7 +760,7 @@ protocol bgp AS10745_2 {
 
 # AS-SET for AS3333_1
 function origin_as_is_in_AS3333_1_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS3333_asns then
+	if bgp_path.last ~ AS_SET_AS3333_asns then
 		return true;
 	return false;
 }
@@ -799,7 +799,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {

examples/bird_hooks/bird4.conf

@@ -471,7 +471,7 @@ function add_noexport_noadvertise(int peer_as) {
 
 # AS-SET for AS10745_1
 function origin_as_is_in_AS10745_1_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS10745_asns then
+	if bgp_path.last ~ AS_SET_AS10745_asns then
 		return true;
 	return false;
 }
@@ -519,7 +519,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {
@@ -674,7 +674,7 @@ protocol bgp AS10745_1 {
 
 # AS-SET for AS3333_1
 function origin_as_is_in_AS3333_1_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS3333_asns then
+	if bgp_path.last ~ AS_SET_AS3333_asns then
 		return true;
 	return false;
 }
@@ -722,7 +722,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {

examples/bird_hooks/bird6.conf

@@ -509,7 +509,7 @@ function add_noexport_noadvertise(int peer_as) {
 
 # AS-SET for AS10745_2
 function origin_as_is_in_AS10745_2_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS10745_asns then
+	if bgp_path.last ~ AS_SET_AS10745_asns then
 		return true;
 	return false;
 }
@@ -557,7 +557,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {

examples/default/bird4.conf

@@ -224,7 +224,7 @@ function add_noexport_noadvertise(int peer_as) {
 
 # AS-SET for AS10745_1
 function origin_as_is_in_AS10745_1_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS10745_asns then
+	if bgp_path.last ~ AS_SET_AS10745_asns then
 		return true;
 	return false;
 }
@@ -262,7 +262,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {
@@ -389,7 +389,7 @@ protocol bgp AS10745_1 {
 
 # AS-SET for AS3333_1
 function origin_as_is_in_AS3333_1_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS3333_asns then
+	if bgp_path.last ~ AS_SET_AS3333_asns then
 		return true;
 	return false;
 }
@@ -427,7 +427,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {

examples/default/bird6.conf

@@ -262,7 +262,7 @@ function add_noexport_noadvertise(int peer_as) {
 
 # AS-SET for AS10745_2
 function origin_as_is_in_AS10745_2_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS10745_asns then
+	if bgp_path.last ~ AS_SET_AS10745_asns then
 		return true;
 	return false;
 }
@@ -300,7 +300,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {

examples/default/bird_v2.conf

@@ -338,7 +338,7 @@ function add_noexport_noadvertise(int peer_as) {
 
 # AS-SET for AS10745_1
 function origin_as_is_in_AS10745_1_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS10745_asns then
+	if bgp_path.last ~ AS_SET_AS10745_asns then
 		return true;
 	return false;
 }
@@ -377,7 +377,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {
@@ -513,7 +513,7 @@ protocol bgp AS10745_1 {
 
 # AS-SET for AS10745_2
 function origin_as_is_in_AS10745_2_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS10745_asns then
+	if bgp_path.last ~ AS_SET_AS10745_asns then
 		return true;
 	return false;
 }
@@ -552,7 +552,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {
@@ -692,7 +692,7 @@ protocol bgp AS10745_2 {
 
 # AS-SET for AS3333_1
 function origin_as_is_in_AS3333_1_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS3333_asns then
+	if bgp_path.last ~ AS_SET_AS3333_asns then
 		return true;
 	return false;
 }
@@ -731,7 +731,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {

examples/rich/bird4.conf

@@ -1612,7 +1612,7 @@ function prefix_in_rpki_roas_as_route_objects() {
 # origin ASN to validate the announced prefix the function
 # returns True, otherwise False.
 function prefix_in_arin_whois_db() {
-	case bgp_path.last_nonaggregated {
+	case bgp_path.last {
 		10745: return net ~ ARIN_Whois_db_AS10745_4;
 	}
 	return false;
@@ -1628,7 +1628,7 @@ function prefix_in_arin_whois_db() {
 
 # AS-SET for AS10745_1
 function origin_as_is_in_AS10745_1_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS10745_asns then
+	if bgp_path.last ~ AS_SET_AS10745_asns then
 		return true;
 	return false;
 }
@@ -1690,7 +1690,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {
@@ -1845,7 +1845,7 @@ protocol bgp AS10745_1 {
 
 # AS-SET for AS3333_1
 function origin_as_is_in_AS3333_1_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS3333_asns then
+	if bgp_path.last ~ AS_SET_AS3333_asns then
 		return true;
 	return false;
 }
@@ -1907,7 +1907,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {

examples/rich/bird6.conf

@@ -1643,7 +1643,7 @@ function prefix_in_rpki_roas_as_route_objects() {
 # origin ASN to validate the announced prefix the function
 # returns True, otherwise False.
 function prefix_in_arin_whois_db() {
-	case bgp_path.last_nonaggregated {
+	case bgp_path.last {
 		10745: return net ~ ARIN_Whois_db_AS10745_6;
 	}
 	return false;
@@ -1659,7 +1659,7 @@ function prefix_in_arin_whois_db() {
 
 # AS-SET for AS10745_2
 function origin_as_is_in_AS10745_2_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS10745_asns then
+	if bgp_path.last ~ AS_SET_AS10745_asns then
 		return true;
 	return false;
 }
@@ -1721,7 +1721,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {

examples/rich/bird_v2.conf

@@ -1776,12 +1776,12 @@ function prefix_in_rpki_roas_as_route_objects() {
 # returns True, otherwise False.
 function prefix_in_arin_whois_db() {
 	if net.type = NET_IP4 then {
-	case bgp_path.last_nonaggregated {
+	case bgp_path.last {
 		10745: return net ~ ARIN_Whois_db_AS10745_4;
 	}
 	}
 	if net.type = NET_IP6 then {
-	case bgp_path.last_nonaggregated {
+	case bgp_path.last {
 		10745: return net ~ ARIN_Whois_db_AS10745_6;
 	}
 	}
@@ -1798,7 +1798,7 @@ function prefix_in_arin_whois_db() {
 
 # AS-SET for AS10745_1
 function origin_as_is_in_AS10745_1_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS10745_asns then
+	if bgp_path.last ~ AS_SET_AS10745_asns then
 		return true;
 	return false;
 }
@@ -1861,7 +1861,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {
@@ -2023,7 +2023,7 @@ protocol bgp AS10745_1 {
 
 # AS-SET for AS10745_2
 function origin_as_is_in_AS10745_2_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS10745_asns then
+	if bgp_path.last ~ AS_SET_AS10745_asns then
 		return true;
 	return false;
 }
@@ -2086,7 +2086,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {
@@ -2252,7 +2252,7 @@ protocol bgp AS10745_2 {
 
 # AS-SET for AS3333_1
 function origin_as_is_in_AS3333_1_as_set() {
-	if bgp_path.last_nonaggregated ~ AS_SET_AS3333_asns then
+	if bgp_path.last ~ AS_SET_AS3333_asns then
 		return true;
 	return false;
 }
@@ -2315,7 +2315,7 @@ bool validated;
 
 
 	if !validated && !origin_ok then {
-		reject "origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net;
+		reject "origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net;
 
 	}
 	if !validated && !prefix_ok then {

templates/bird/clients.j2

@@ -28,7 +28,7 @@ function origin_as_is_in_{{ client.id }}_as_set() {
 {% if client.cfg.filtering.irrdb.as_set_bundle_ids %}
 {%	for as_set_bundle_id in client.cfg.filtering.irrdb.as_set_bundle_ids|sort %}
 {%		if irrdb_info[as_set_bundle_id].asns %}
-	if bgp_path.last_nonaggregated ~ AS_SET_{{ irrdb_info[as_set_bundle_id].name }}_asns then
+	if bgp_path.last ~ AS_SET_{{ irrdb_info[as_set_bundle_id].name }}_asns then
 		return true;
 {%		else %}
 	# AS-SET {{ irrdb_info[as_set_bundle_id].name }} referenced but empty.
@@ -167,7 +167,7 @@ bool validated;
 {%		for route in client.cfg.filtering.irrdb.white_list_route|selectattr("prefix", "is_ipver", client.ip|ipaddr_ver)|sort(attribute="prefix") if route.prefix|ipaddr_ver == client.ip|ipaddr_ver %}
 	if !validated && net ~ [ {{ write_prefix_list_entry(route) }} ] then {
 {%			if route.asn %}
-		if bgp_path.last_nonaggregated = {{ route.asn }} then {
+		if bgp_path.last = {{ route.asn }} then {
 {%				if cfg.filtering.irrdb.tag_as_set and cfg.communities.route_validated_via_white_list|community_is_set %}
 {{					add_communities(cfg.communities.route_validated_via_white_list) }}
 {%				endif %}
@@ -185,7 +185,7 @@ bool validated;
 
 {%	if client.cfg.filtering.irrdb.enforce_origin_in_as_set %}
 	if !validated && !origin_ok then {
-		{{ reject(client, 9, '"origin ASN [", bgp_path.last_nonaggregated, "] not in allowed as-sets - REJECTING ", net', avoid_braces=True) }}
+		{{ reject(client, 9, '"origin ASN [", bgp_path.last, "] not in allowed as-sets - REJECTING ", net', avoid_braces=True) }}
 	}
 {%	endif %}
 {%	if client.cfg.filtering.irrdb.enforce_prefix_in_as_set %}