[c-nsp] IOS XR BGP

Gert Doering gert at greenie.muc.de
Mon Nov 28 12:12:46 EST 2011


Hi,

On Mon, Nov 28, 2011 at 11:41:08AM -0500, Keegan Holley wrote:
> That wasn't centered around aggregates and no.  Some of us don't run
> gigantic intercontinental ISP's :) So yes us lowly Tier-II and Tier-III
> AS's may on occasion learn our own routes from an external connection.

These lowly ASes urgently need to implement anti-bogon filters on their
eBGP sessions.  NEVER EVER accept prefixes belonging to your address
space from the outside.

Whether eBGP is preferred over iBGP is completely irrelevant on this
topic, as someone could always fat-finger a more specific of your
aggregate, and that would always win, no matter what.

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20111128/b325c57a/attachment.sig>


More information about the cisco-nsp mailing list