[j-nsp] BGP Prefix-Limit On A Session

Daniel Roesen dr at cluenet.de
Wed Feb 25 21:39:34 EST 2004

On Wed, Feb 25, 2004 at 09:20:21PM -0500, Richard A Steenbergen wrote:
> On Wed, Feb 25, 2004 at 05:17:20PM -0800, Pedro Roque Marques wrote:
> > prefix-limit is supposed to keep your box from rolling over by
> > exaustive resource comsumption from a peer.
> Ah the joys of developers vs operators. I don't think there are any 
> network operators who would give that as the reason for using prefix 
> limits. :)

Oh, there are. And actually I think Juniper is 110% right and IOS
is wrong or at least suboptimal there.

IOS max-prefix limits with soft-reconfig inbound leaves your box
pretty vulnerable to resource exhaustion.


More information about the juniper-nsp mailing list