[c-nsp] IOS: catch 22 when enabling new bgp neighbors

Azher Mughal azher at hep.caltech.edu
Fri Jun 20 14:49:30 EDT 2014


How about "neighbor 1.1.1.1 remote-as 12 shutdown". It issues two commands:

neighbor 1.1.1.1 remote-as 12
neighbor 1.1.1.1 shutdown

-Azher

On 6/20/2014 10:00 AM, Dimitris Befas wrote:
> Use IOS-XR instead :-)
>
> With IOS and XE you may just configure a wrong AS number (neighbor 2001::123
> remote-as 6) so the adj won't come up, then shut it (neighbor 2001::123
> shut) and while in a shut state, configure the correct AS (neighbor
> 2001::123 remote-as 65005). Now feel free to no shut (no neighbor 2001::123
> remote-as shut)
>
>
> -----Original Message-----
> From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of
> Lukas Tribus
> Sent: Friday, June 20, 2014 5:40 PM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] IOS: catch 22 when enabling new bgp neighbors
>
> Hey guys,
>
>
> I feel like this is a stupid question with a simple solution, but I just not
> see it:
>
> When I configure a new BGP session, before I can shutdown the neighbor or
> apply a specific peer-group/session-template/policy-template, I need to
> configure the remote-as, so the first command in the address-family is:
>
>  neighbor 2001::123 remote-as 65005
>
>
> Now, if I don't specify the policies right away, or shutdown the session
> right away (or the ssh terminal slows down for whatever reason), IOS will
> establish the BGP session as-is (without any policies), until I manage to
> configure the rest.
>
> In that case, I'm leaking everything I have to the other side for a short
> period of time, possibly triggering max-prefix limits or causing other
> nastiness.
>
> Especially when using SSH and configuring long IPv6 addresses on IOS-XE
> here, this seams to be a problem, copy'n'pasting from notepad is not enough
> in that situation (somehow, the terminal slows down when pasting the config
> to some 2 - 3 chars per second).
>
>
> Any way to make IOS(-XE) behave in a more sane way so I can configure
> everything *before* the session brought up? Like defaulting to shutdown or
> something like that?
>
>
> Let me know how you guys avoid this problem.
>
>
>
> Thanks!
>
> Lukas
>
>  		 	   		  
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list