[c-nsp] IPv6 access-lists/BGP filter
Gert Doering
gert at greenie.muc.de
Wed Jan 17 04:26:04 EST 2007
Hi,
On Wed, Jan 17, 2007 at 04:48:50PM +0800, Nick Kraal wrote:
> Thanks Gert for your reply. Maybe I should be a bit clearer.
>
> We are thinking of this as we are receiving /35s, /40s, /48s from our
> bi-lateral peers/downstream customers and did not want to carelessly
> populate the v6 routing table when a /32 should do fine.
Yes, I understand the motivation behind this.
> We do use prefix filters for customers,
Very good, thanks :-)
> but for v6 peering links we use
> as-path ACLs. So was thinking of a generic filter to chuck away anything
> larger than /32.
This will work, if applied everywhere (so that more-specifics do not
sneak in via some 'backup path' route, which will then to lead to very
bad paths for these prefixes) - and if you add the necessary exceptions,
so that IPv6 PI (ARIN region), Root Server assignments (all regions),
and DNS Anycast routes (RIPE region) will continue to work.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp
mailing list