[c-nsp] BGP/ACL Question
Pete Templin
petelists at templin.org
Tue Mar 17 15:49:41 EDT 2009
Jeff Cartier wrote:
> I'm going to be configuring CoPP to match BGP traffic between
> peers...and I am having a forgetful moment :-)...in order to match the
> BGP peer, in my ACL, should I be matching based on the BGP local
> router-ID or on the directly connected interface?
Match based on whatever the update-source is for that neighbor. Default
is closest physical interface at the time that the session is
established, typical practice is to use a loopback interface for iBGP
sessions. Router-ID won't appear in the IP headers of the packets.
pt
More information about the cisco-nsp
mailing list