[j-nsp] constraining bootstap messages at domain boundaries

From: Sher, Ryan (RSher@flagtelecom.com)
Date: Sat Apr 27 2002 - 08:41:45 EDT


Hi,

I have set up the following to restrict pim Bootstrap messages at my AS
boundary:

lab@sfc2# show protocols pim
rp {
    bootstrap-priority 10;
    bootstrap-import kill_bootstrap_in;
    bootstrap-export kill_bootstrap_out;
}
interface all {
    mode sparse-dense;
}
interface fxp0.0 {
    disable;
}

policy-statement kill_bootstrap_in {
    from interface t3-0/1/0.0;
}
policy-statement kill_bootstrap_out {
    to interface t3-0/1/0.0;
}

This is similar to the example in the JUNOS manuals ...

However my bootstrap router also happens to be on my AS border (t3-0/1/0).
My configuration seems to restrict the sending of bootstap messages out ALL
interfaces and not just t3-0/1/0.

Can anyone see a problem with the policy? I different policies like simple
"then accept" but they all killed messages out all interfaces.

Any suggestions?

Ryan

**********************************************************************
This e-mail message is confidential and is intended only for the use of the
individual or entity named above and contains information which is or may be
confidential, non-public or legally privileged. Any dissemination or
distribution of this message other than to its intended recipient is
strictly prohibited. If you have received this message in error, please
notify us by email to postmaster@flagtelecom.com immediately and delete the
original message and all copies from all locations in your computer systems.

This e-mail has been swept by Mailsweeper TM for viruses. However, FLAG
Telecom cannot accept liability for any damage which you may sustain as a
result of software viruses.
**********************************************************************

  



This archive was generated by hypermail 2b29 : Mon Aug 05 2002 - 10:42:35 EDT