[j-nsp] BGP Prefix-Limit On A Session
Pedro Roque Marques
roque at juniper.net
Wed Feb 25 20:17:20 EST 2004
ras at e-gerbil.net (Richard A Steenbergen) writes:
> On Wed, Feb 25, 2004 at 04:41:51PM -0600, Kashif.Khawaja at Broadwing.com wrote:
> > Hi All,
> >
> > Just wanted to confirm something. "Injected" in the text below refers to
> > prefixes accepted into the BGP table? Prefixes that passed the import
> > policies?
>
> One of the fairly negative aspects of not having an explicit "neighbor
> prefix-list" command (as Cisco implements it) is that there is really no
> safe way to implement a prefix-list filter on a customer/peer/whatever,
> and still use the prefix limit as a safety net on top of that.
There are totally orthogonal issues...
'prefix-list' vs 'policy-statement route-filter' is purelly a question
on syntax. Lets not rehash this one at the moment...
The important question is: do the routes that are rejected by the
policy still consume resources or not... if they do they need to be
counted against a prefix-limit, if they don't ("keep none") they
aren't.
prefix-limit is supposed to keep your box from rolling over by
exaustive resource comsumption from a peer.
Pedro.
More information about the juniper-nsp
mailing list