[c-nsp] BGP route won't advertise

Jerry Bacon wireless at starbeam.com
Thu Feb 28 12:10:09 EST 2013

On 2/27/2013 7:45 PM, Jon Lewis wrote:
> On Wed, 27 Feb 2013, Jay Hennigan wrote:
>> You could simplify that to:
>> ip as-path access-list 10 deny _11xx1_
>> ip as-path access-list 10 permit .*   <- Dangerous outbound to transit
>> connections.
> Or simplify things more by using prefix filters / route-maps on the 
> customer BGP sessions to deny/accept+tag routes with communities that 
> tell the rest of your network what to do with the routes (i.e. whether 
> a route gets advertised to your transit providers, etc.).  That ends 
> up being much saner as you have smaller filters in more places rather 
> than monster filters at the border where you'll lose track of why 
> things are there.

I do have filters on the customer BGP sessions, but I have to disallow 
his AS from my upstreams, or I become a transit for those routes.

Jerry Bacon
Senior Network Engineer

More information about the cisco-nsp mailing list