[j-nsp] Generated prefix lists - simple solution to a range of
problems?
Daniel Roesen
dr at cluenet.de
Thu Sep 23 07:39:29 EDT 2004
On Thu, Sep 23, 2004 at 01:21:04PM +0200, David Monosov wrote:
> - Import Cymru's bogon list from AS 65333, tagged with community
> 65333:888 via BGP
> - A prefix list called bogon-prefixes is generated using a policy which
> accepts only routes from that BGP peer, tagged with that community, and
> marks each route as "X.X.X.X/Y orlonger".
> - I can now apply the generated prefix-list to my peers import policy as
> reject in order to reject *all* bogon routes, including more specifics.
This would be incredible useful for a lot of things. Effectively,
it would allow you do remote-control all your routers via IBGP for
any kind of ACLs and even more exotic things like RIB/FIB attribute
manipulation via policy engine.
Best regards,
Daniel
More information about the juniper-nsp
mailing list