[c-nsp] IOS: catch 22 when enabling new bgp neighbors

N. Max Pierson nmaxpierson at gmail.com
Fri Jun 20 14:58:29 EDT 2014


address-families with 'activate' keyword maybe?

-
m


On Fri, Jun 20, 2014 at 11:38 AM, Blake Dunlap <ikiris at gmail.com> wrote:

> one way to do so is no default ipv4 activation. That said, my paste
> ins are generally the following:
>
> line 1: nei X as Y
> line 2: nei X shut
>
> I wish the sessions started by default shut.
>
> -Blake
>
> On Fri, Jun 20, 2014 at 9:39 AM, Lukas Tribus <luky-37 at hotmail.com> wrote:
> > Hey guys,
> >
> >
> > I feel like this is a stupid question with a simple solution, but I just
> > not see it:
> >
> > When I configure a new BGP session, before I can shutdown the neighbor
> > or apply a specific peer-group/session-template/policy-template, I need
> > to configure the remote-as, so the first command in the address-family
> is:
> >
> >  neighbor 2001::123 remote-as 65005
> >
> >
> > Now, if I don't specify the policies right away, or shutdown the session
> > right away (or the ssh terminal slows down for whatever reason), IOS will
> > establish the BGP session as-is (without any policies), until I manage
> > to configure the rest.
> >
> > In that case, I'm leaking everything I have to the other side for a short
> > period of time, possibly triggering max-prefix limits or causing other
> > nastiness.
> >
> > Especially when using SSH and configuring long IPv6 addresses on IOS-XE
> > here, this seams to be a problem, copy'n'pasting from notepad is not
> > enough in that situation (somehow, the terminal slows down when pasting
> > the config to some 2 - 3 chars per second).
> >
> >
> > Any way to make IOS(-XE) behave in a more sane way so I can configure
> > everything *before* the session brought up? Like defaulting to shutdown
> > or something like that?
> >
> >
> > Let me know how you guys avoid this problem.
> >
> >
> >
> > Thanks!
> >
> > Lukas
> >
> >
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>


More information about the cisco-nsp mailing list