[c-nsp] do I need acl on wan bgp port ?

[Smales, Robert]

Hi All

> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net]On Behalf Of Ang Kah Yik
> Sent: 12 September 2008 12:39
> To: julien leroiso
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] do I need acl on wan bgp port ?
> 
> 
> Hi Julien,
> 
> This topic may actually be more suited to other mailing lists such as
> NANOG rather than a Cisco specific list.
> Anyway, I believe it is more common that ISPs deploy the use of uRPF
> (unicast reverse path forwarding) rather than ACLs.
> 

We use route-maps/prefix-lists to filter incoming BGP, that is more manageable than having to rewrite a single access-list when the bogons list changes, for example.

Robert
Robert Smales                                                
IP Provide Engineer
Cable&Wireless Europe, Asia & US
www.cw.com                              

This e-mail has been scanned for viruses by the Cable & Wireless e-mail security system - powered by MessageLabs. For more information on a proactive managed e-mail security service, visit http://www.cw.com/uk/emailprotection/ 

The information contained in this e-mail is confidential and may also be subject to legal privilege. It is intended only for the recipient(s) named above. If you are not named above as a recipient, you must not read, copy, disclose, forward or otherwise use the information contained in this email. If you have received this e-mail in error, please notify the sender (whose contact details are above) immediately by reply e-mail and delete the message and any attachments without retaining any copies.
 
Cable and Wireless plc 
Registered in England and Wales.Company Number 238525 
Registered office: 3rd Floor, 26 Red Lion Square, London WC1R 4HQ