[j-nsp] Filtering people pointing default
Richard A Steenbergen
ras at e-gerbil.net
Mon Aug 4 23:50:37 EDT 2003
On Tue, Aug 05, 2003 at 03:53:06AM +0200, Niels Bakker wrote:
>
> Filtering based on BGP peers works fine, btw (and I applaud Juniper
> for sending clueful people to RIPE meetings to raise awareness about
> features like that).
Almost. This is a useful feature, but putting the prefix-list statement
inside groups seems to make it do very weird things. After having it
randomly block new peers a few times for no apparent reason (it was
configured to block all packets to 179, not just SYNs), I had to kill it.
--
Richard A Steenbergen <ras at e-gerbil.net> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
More information about the juniper-nsp
mailing list