[c-nsp] IOS: catch 22 when enabling new bgp neighbors

Lukas Tribus luky-37 at hotmail.com
Fri Jun 20 10:39:48 EDT 2014


Hey guys,


I feel like this is a stupid question with a simple solution, but I just
not see it:

When I configure a new BGP session, before I can shutdown the neighbor
or apply a specific peer-group/session-template/policy-template, I need
to configure the remote-as, so the first command in the address-family is:

 neighbor 2001::123 remote-as 65005


Now, if I don't specify the policies right away, or shutdown the session
right away (or the ssh terminal slows down for whatever reason), IOS will
establish the BGP session as-is (without any policies), until I manage
to configure the rest.

In that case, I'm leaking everything I have to the other side for a short
period of time, possibly triggering max-prefix limits or causing other
nastiness.

Especially when using SSH and configuring long IPv6 addresses on IOS-XE
here, this seams to be a problem, copy'n'pasting from notepad is not
enough in that situation (somehow, the terminal slows down when pasting
the config to some 2 - 3 chars per second).


Any way to make IOS(-XE) behave in a more sane way so I can configure
everything *before* the session brought up? Like defaulting to shutdown
or something like that?


Let me know how you guys avoid this problem.



Thanks!

Lukas

 		 	   		  


More information about the cisco-nsp mailing list