[c-nsp] BGP/ACL Question

Pete Templin petelists at templin.org
Tue Mar 17 15:49:41 EDT 2009


Jeff Cartier wrote:
> I'm going to be configuring CoPP to match BGP traffic between
> peers...and I am having a forgetful moment :-)...in order to match the
> BGP peer, in my ACL, should I be matching based on the BGP local
> router-ID or on the directly connected interface?

Match based on whatever the update-source is for that neighbor.  Default 
is closest physical interface at the time that the session is 
established, typical practice is to use a loopback interface for iBGP 
sessions.  Router-ID won't appear in the IP headers of the packets.

pt



More information about the cisco-nsp mailing list