[j-nsp] RE: bgp config changes (was: autonomous-system N loop s L)
bbird at epik.net
bbird at epik.net
Fri Dec 12 23:03:41 EST 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
#-----Original Message-----
#From: Daniel Roesen [mailto:dr at cluenet.de]
#Sent: Friday, December 12, 2003 9:33 PM
#To: juniper-nsp at puck.nether.net
#Subject: Re: [j-nsp] RE: bgp config changes (was:
#autonomous-system N loops L)
<snip>
#Ideally, it should allow all the "exact", "orlonger", "longer" etc.
#qualifiers.
#
#> This would allow a single prefix-list to be used in a firewall
#> and a policy and have them both represent the "complete" subnets.
#
#Especially, it allows to use the same IRR-generated prefix list
#to filter accepted prefixes from BGP customers (match exact), and
use
#the same prefix-list to accept more-specifics (match longer) for
#remote-triggered blackholing or traffic engineering purposes and
#treat them differently to the normal IRR-accepted prefixes.
#
#Would be another step ahead IOS. :-)
Exactly! The way I must accomplish this today, is force my
prefix-list generator to build the list of route-filter's twice,
(once upto /32 (for customer blackholing), and once upto /24).
Quite a waste. And with a large-customer, or non-customer peers,
these policy-statement's can grow quite large.
Ben
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
iQA/AwUBP9qQLtFQh6ARB7TZEQIbQACg4IYjuACca8P1X0mJ5fT8vuXXkZUAn04c
yJnHgrftq+rPmJfBe21Sa9dV
=2QDT
-----END PGP SIGNATURE-----
More information about the juniper-nsp
mailing list