[c-nsp] Redistribute interface address as a /32 or /128 into BGP
Saku Ytti
saku at ytti.fi
Sat Mar 27 11:34:32 EDT 2021
On Sat, 27 Mar 2021 at 17:11, Maximilian Wilhelm <max at rfc2324.org> wrote:
> I'm wondering if the default classfulness is biting you here. Have you
> tried
>
> network 10.0.0.2 mask 255.255.255.255
His problem is that the connected network is less specific and he
wants to (potentially incorrect solution) advertise some addresses of
connected network as more-specific. So the problem is getting that /32
to RIB in the first place, the problem is not how to advertise after
he gets it to the RIB, which is what you're solving.
And solution to the question (probably not right solution) is to
static route /32 to the interface:
int eth42
192.0.2.1/24
ip route 192.0.2.2/32 eth42
Now you can advertise 192.0.2.2/32. This trick is particularly useful
so limit attack surface of your infrastructure, so instead of having
every PE-CE/31 address reachable, you can make it so that only CE/32
address is reachable, limiting DFZ wide surface.
--
++ytti
More information about the cisco-nsp
mailing list