[nsp] bgp/ospf interview questions ?
Pekka Savola
pekkas at netcore.fi
Thu Apr 29 11:58:27 EDT 2004
On Thu, 29 Apr 2004, Gould, Aaron M (NRSW N61CR1W) wrote:
> don't you also have to "send-community" to that neighbor you want to convey
> no-exports to?
>
> it's been a while since i've done this.
(stepping on the soapbox)
Even more than that, there are other very serious non-compliances with
the behaviour -- that also applies to iBGP; from a document I wrote
some year or two ago:
=========
There are two relatively serious long-standing feature requests in
Cisco IOS BGP implementation that will cause some setbacks when using
inter-AS communities:
o When a route with a well-known community (like no-export) is
received from an eBGP peer, the route is propagated to iBGP
without the community unless "send-community" feature has been
configured for all iBGP peers. Note that this behaviour seems to
be in violation of [BGPCOMM] definition of e.g.
NO_EXPORT_SUBCONFED: "All routes received carrying a communities
attribute containing this value MUST NOT be advertised to
external BGP peers".
One fix is making send-community the default for iBGP sessions
(CSCdk38549).
o When a route with a well-known community (like no-export) is
received, it may be inadvertantly deleted or overwritten like any
other community (e.g. in the process of scrubbing the routes
clean of communities).
One fix is requiring some explicit deletion for these communities
(CSCdt21886)
=========
(thanks!)
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
More information about the cisco-nsp
mailing list