[c-nsp] AS override
Oliver Boehmer (oboehmer)
oboehmer at cisco.com
Thu Oct 6 04:37:16 EDT 2005
Danny,
Re-writing AS paths is a dangerous thing (as you will take BGP's only
loop prevention mechanism away), so we are not allowing it except within
the MPLS-VPN setup using as-override.
oli
Danny Vernals <mailto:danny.vernals at gmail.com> wrote on Wednesday,
October 05, 2005 4:16 PM:
> Hi Oliver,
>
> I just had concerns over routing table security / integrity but now I
> think about it the same issues arise with override as with
> allowas-in. I think I can mitigate against these issues with careful
> design.
>
> Ideally I'd only like to re-write the ASN for certain prefixes that
> are matched in a route map matching on community / prefix list etc.
> However as far as I'm aware this is not possible?
>
> Thanks for the reply
>
> Danny
>
>
> On 10/5/05, Oliver Boehmer (oboehmer) <oboehmer at cisco.com> wrote:
>
>
> >
> > Do you know of a way to configure AS override functionality
not in
> a > VRF? I need to allow prefixes oringated from an AS to be
> advertised > back into it. Ideally I'd like to avoid using
> allowas-in. I have > admin control of both of the connected
AS's.
>
> as-override is, as you have observed, only available in ipv4-VRF
> context. Why do you want to avoid allowas-in?
>
> oli
More information about the cisco-nsp
mailing list