Re: Filter subnets

From: Miguel A.L. Paraz (map@internet.org.ph)
Date: Thu Dec 14 2000 - 00:16:49 EST


On Thu, Dec 07, 2000 at 08:29:50PM -0500, Jared Mauch wrote:
> Here's an ACL that I use, which you may find well suited
> for your application. These aren't 'well aggregated' as far as filters
> go, but it works well for me.

How do you say "deny anything longer than /24?"

Is it:

deny ip 0.0.0.0 0.0.0.255 255.255.255.0 0.0.0.255

(sorry this bit fields get confusing, so I prefer prefix-lists..)

On a "bgp neighbor", what is used first, the "prefix-list", the
"distribute-list", or the "filter-list" - if route-map's are not in use?

And, how is it possible to permit a prefix ONLY if it matches a certain AS
path; for example, permit (203.176.8.0/24 AND _9442$). This is because I
want to send announcements to a peering point only if I heard the route
directly from a customer. Or can this only be done by denying the undesired
as-paths?

Thanks.

-- 

http://www.internet.org.ph Internet and ISP's in the Philippines http://www.ASARproject.org Artists for Social Action and Response

GSM Mobile: +63-917-8109728



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:23 EDT