[j-nsp] iBGP routes and prepends - Cisco vs Juniper behaviour

Lars Erik Gullerud lerik at nolink.net
Sat Mar 1 18:33:50 EST 2003


On Sat, 2003-03-01 at 08:54, Danny McPherson wrote:
> > The Cisco boxes in our network gladly accepted these routes containing
> > our own AS-number prepended, and propagated them correctly to their
> > external peers, with the AS-path prepend in place. This is the behaviour
> > I expected, having worked with this type of setup before, when it was
> > done intentionally. 
> 
> I'm not sure this is what I would have expected.  I'm actually surprised
> they didn't discard it.  

Well, as I said - I "expected" it because I already know that Cisco
accepts more or less anything when coming from internal peers. And for
us, it would actually have been good if Cisco, like Juniper, did NOT
accept them, as we would have caught this particular misconfiguration
immediately, when none of the affected routes were being propagated
anywhere...

> I agree with Pedro that the check should be performed on iBGP peers as well, 
> and that looping paths should be ignored, unless explicitly configured
> otherwise.

Yes, that's how I read it too, and I agree that it would indeed be
better if you had to explicitly configure it if you want to accept such
paths - since it would, like it was for us, in most cases be a sign of a
misconfiguration, and those who need to do this intentionally would have
to explicitly enable it. I doubt Cisco will change their default
behaviour so you would need to configure this though, given their
reluctance to change existing defaults in IOS for anything.

/leg




More information about the juniper-nsp mailing list