[j-nsp] BGP Prefix-Limit On A Session

Pedro Roque Marques roque at juniper.net
Wed Feb 25 20:17:20 EST 2004

ras at e-gerbil.net (Richard A Steenbergen) writes:

> On Wed, Feb 25, 2004 at 04:41:51PM -0600, Kashif.Khawaja at Broadwing.com wrote:
> > Hi All,
> > 
> > Just wanted to confirm something. "Injected" in the text below refers to
> > prefixes accepted into the BGP table? Prefixes that passed the import
> > policies?
> One of the fairly negative aspects of not having an explicit "neighbor
> prefix-list" command (as Cisco implements it) is that there is really no
> safe way to implement a prefix-list filter on a customer/peer/whatever,
> and still use the prefix limit as a safety net on top of that.

There are totally orthogonal issues...

'prefix-list' vs 'policy-statement route-filter' is purelly a question
on syntax. Lets not rehash this one at the moment...

The important question is: do the routes that are rejected by the
policy still consume resources or not... if they do they need to be
counted against a prefix-limit, if they don't ("keep none") they

prefix-limit is supposed to keep your box from rolling over by
exaustive resource comsumption from a peer.


More information about the juniper-nsp mailing list