[j-nsp] Dynamic blocklists/blacklists...?
Richard A Steenbergen
ras at e-gerbil.net
Tue Aug 16 16:26:10 EDT 2005
On Tue, Aug 16, 2005 at 10:49:02AM -0700, Pedro Roque Marques wrote:
>
> There is more recent version:
> http://professional.juniper.net/roque/draft-marques-idr-flow-spec-02.txt
>
> more info:
> http://www.juniper.net/techpubs/software/junos/junos73/swconfig73-routing/html/routing-tables-config52.html
> http://professional.juniper.net/roque/traffic-filter.pdf
As a word of praise, I've been running the flow bgp filters on a decent
sized network for a while with nothing but success (since 7.2, which was
elected to replace the old daily snapshot versions we all probably still
have floating around in far too many places :P).
We haven't publicized it yet, but we have some early adopter customers
with Junipers speaking BGP to a blackhole server who manage their own
complex filters dynamically without needing to call someone and ask for
them. This is an all around excellent feature, I can't recommend it
enough.
--
Richard A Steenbergen <ras at e-gerbil.net> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
More information about the juniper-nsp
mailing list