[c-nsp] BGP Config
Nikos Leontsinis
nikos at oteglobe.net
Fri Aug 13 12:55:57 EDT 2004
try
router bgp 1234
neighbor 1.1.1.1 prefix-list deny in
ip prefix-list deny-all deny 0.0.0.0/0 le 32
----- Original Message -----
From: <info at beprojects.com>
To: "Cisco Nsp" <cisco-nsp at puck.nether.net>
Sent: Friday, August 13, 2004 6:53 PM
Subject: Re: [c-nsp] BGP Config
> Isn't "permit nothing" the same as "deny everything"?
>
>
> ----- Original Message -----
> From: "Kristofer Sigurdsson" <ks at rhi.hi.is>
> To: <info at beprojects.com>
> Cc: "Cisco Nsp" <cisco-nsp at puck.nether.net>
> Sent: Friday, August 13, 2004 10:47 AM
> Subject: Re: [c-nsp] BGP Config
>
>
> > info at beprojects.com, Fri, Aug 13, 2004 at 10:08:46AM -0500 :
> > > OK, I'm having a brain freeze at the moment and can't figure out why
> this
> > > won't work. I want to filter all incoming routes from a bgp neighbor
> and I
> > > swear I've used this in the past. Does this look right, or am I
missing
> > > something (I cut out all of the non-useful info).
> > >
> > >
> > > router bgp 1234
> > > neighbor 1.1.1.1 route-map DenyAll in
> > >
> > > ip access-list extended DENYALL
> > > deny ip any any
> >
> > This access list doesn't match anything...
> >
> > >
> > > route-map DenyAll permit 10
> > > match ip address DENYALL
> >
> > This route map allows everything that matches the DENYALL access list,
> > which is nothing...
> >
> > You could try this:
> >
> > ip access-list extended DENYALL
> > permit ip any any
> >
> > route-map DenyAll deny 10
> > match ip address DENYALL
> >
> > --
> > Kristófer Sigurðsson | Tel: +354 525 4103 / MSN: ks at rhi.hi.is
> > Netsérfræðingur/Network specialist | Reiknistofnun HÍ/University of
> Iceland
> >
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list