Thanks to those who mentioned the built-in martian filter.
However, in our case, the downstream is announcing a route
from one of our public CIDR blocks. Only the ASN is private.
> -----Original Message-----
> From: Jesper Skriver [mailto:jesper@skriver.dk]
> Sent: Friday, January 11, 2002 11:34 AM
> To: Borchers, Mark
> Cc: 'juniper-nsp@puck.nether.net'; 'Dave Qi'
> Subject: Re: Private ASN's
>
>
> jesper@testnxj4> show route martians
>
> inet.0:
> 0.0.0.0/0 exact -- allowed
> 0.0.0.0/8 orlonger -- disallowed
> 127.0.0.0/8 orlonger -- disallowed
> 128.0.0.0/16 orlonger -- disallowed
> 191.255.0.0/16 orlonger -- disallowed
> 192.0.0.0/24 orlonger -- disallowed
> 223.255.255.0/24 orlonger -- disallowed
> 240.0.0.0/4 orlonger -- disallowed
> 192.168.0.0/16 orlonger -- disallowed
> 10.0.0.0/8 orlonger -- disallowed
> 172.16.0.0/12 orlonger -- disallowed
>
> Those are the default martians, and any routing information for
> these prefix'es will be dropped.
>
> On Fri, Jan 11, 2002 at 11:31:51AM -0600, Borchers, Mark wrote:
> > Done that and more. I can verify the advertisement on
> > the Cisco sending the route (sh ip bgp nei <M160> adv).
> > But I don't see it on the M160, even after removing all
> > policy from my IBGP group and clearing the session.
> >
> > Can you tell me: does sh route received-prot bgp output
> > all of the neighbor's advertisements, or only those which
> > were put in the table after policy was applied?
> >
> > TIA,
> > Mark
> >
> > > -----Original Message-----
> > > From: Dave Qi [mailto:dqi@bloomberg.com]
> > > Sent: Friday, January 11, 2002 11:26 AM
> > > To: Guy Davies; Borchers, Mark; juniper-nsp@puck.nether.net
> > > Subject: RE: Private ASN's
> > >
> > >
> > > also , do show route receive-protocol bgp <bgp peer ip
> > > address> <prefix in
> > > question> to see if you are indeed received the prefix on
> the juniper
> > > router.
> > >
> > > -dave
> > >
> > > -----Original Message-----
> > > From: Guy Davies [mailto:Guy.Davies@telindus.co.uk]
> > > Sent: Friday, January 11, 2002 12:16 PM
> > > To: 'Borchers, Mark'; 'juniper-nsp@puck.nether.net'
> > > Subject: RE: Private ASN's
> > >
> > >
> > >
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > > Hash: SHA1
> > >
> > > What's the prefix? By default, the Junipers won't
> discard prefixes
> > > just because they're using private ASNs. However, there
> is a list of
> > > martian prefixes which automatically get discarded. Try
> "show route
> > > martians" to get a list.
> > >
> > > Regards,
> > >
> > > Guy
> > >
> > > > -----Original Message-----
> > > > From: Borchers, Mark [mailto:mborchers@splitrock.net]
> > > > Sent: Friday, January 11, 2002 5:12 PM
> > > > To: 'juniper-nsp@puck.nether.net'
> > > > Subject: Private ASN's
> > > >
> > > >
> > > > We have an IBGP mesh consisting of a mixture of Ciscos and
> > > > Junipers. A prefix from a downstream to whom we assigned a
> > > > private ASN is being accepted by the Cisco routers but appears
> > > > to be getting discarded by the Junipers. Can anybody confirm
> > > > if this is the default *IBGP* behavior for prefixes containing
> > > > private ASNs in the path? I'm not finding anything helpful
> > > > on www.juniper.net.
> > > >
> > > > --
> > > > Mark Borchers McLeodUSA Data Services
> > > > IP Engineering 9012 New Trails Dr.
> > > > mborchers@splitrock.net The Woodlands, TX 77381
> > > > (281) 465-1931 http://www.mcleod.net/
> > > >
> > >
> > > -----BEGIN PGP SIGNATURE-----
> > > Version: PGP 7.0.1
> > >
> > > iQA/AwUBPD8dzY3dwu/Ss2PCEQKJbACgz3awCwg57Tu56nah/ue5Ut0XcWcAoLRj
> > > UhLZr5E8dmyGIGHRYk/sa6D/
> > > =51TS
> > > -----END PGP SIGNATURE-----
> > >
> > >
> > > .
> > >
> > >
> > >
> >
>
> /Jesper
>
> --
> Jesper Skriver, jesper(at)skriver(dot)dk - CCIE #5456
> Work: Network manager @ AS3292 (Tele Danmark DataNetworks)
> Private: FreeBSD committer @ AS2109 (A much smaller network ;-)
>
> One Unix to rule them all, One Resolver to find them,
> One IP to bring them all and in the zone to bind them.
>
This archive was generated by hypermail 2b29 : Mon Aug 05 2002 - 10:42:38 EDT