[c-nsp] How to set BGP commun. to none then to a value
Saku Ytti
saku+cisco-nsp at ytti.fi
Thu Aug 11 13:17:06 EDT 2005
On (2005-08-11 16:10 +0300), Kim Onnel wrote:
> We are doing peering to a neighbor ISP, we would like to secure
> ourselves and null any communities coming from them, but then we want
> to set a specific community on their routes to match it all over our
> AS and use it for filters, can this be done in a signle route-map?
>
> Please provide an example if possible?
I'm not sure how common sense it is, but I'd surely hope it would
be more common, that no one touches other communites than their own
AS or private. Even if you don't use them, your customers might get valuable
information via them.
So I'd suggest something like this:
ip community-list expanded my_communities permit 42:.*
!and what ever private AS communities you know you're using internally
route-map QUUX permit 100
set comm-list my_communities delete
set community 42:42 additive
!
--
++ytti
More information about the cisco-nsp
mailing list