[c-nsp] Prefix-list help
Ian Dickinson
iand at eng.pipex.net
Tue Oct 16 17:19:54 EDT 2007
Hi,
If you don't have a default route by design, you probably want to block this.
If you use loose uRPF on your peering/transit edge, you do want to block this.
If you do both, you *really* do want to block this :-)
Otherwise, those bogons will gain a covering prefix and you'll start seeing
bogon-sourced traffic again - which is why I assume 128.0.0.0/1 was announced
by someone in the first place recently, triggering those CEF LC IPC Background
CPUHOG questions earlier...
Ian
Gert Doering wrote:
> ip prefix-list no-ultra-short-things deny 0.0.0.0/0 le 7
>
> should do that - remove all from /0 (default route) to /7. Permit /8 and up.
>
> OTOH, unless you are running into CEF updating problems, why bother? If
> you have a more specific route, it will win - and if not, the /1 will do
> the same thing as getting a default route from your upstream "catch-all".
--
Ian Dickinson
Senior Network Development Engineer
Pipex Communications
ian.dickinson at pipex.net
http://www.pipex.net
This e-mail is subject to: http://www.pipex.net/disclaimer.html
More information about the cisco-nsp
mailing list