[j-nsp] bgp route
Tarko Tikan
tarko at lanparty.ee
Sun Oct 23 14:06:26 EDT 2005
hi!
> i am getting the following messages in my log file. Is it an attack or
> is there any miscononfiguration on my router. any idea ?
It would be good idea to protect your router with filter attached to lo0
interface. For more information, see
http://www.qorbit.net/documents/junos-template.htm and
http://www.cymru.com/gillsr/documents/junos-bgp-template.pdf and many other
documents you can find via google.
But long story short, have something like this:
prefix-list management-BGP {
apply-path "protocols bgp group <*> neighbor <*>";
}
prefix-list management-BGP-v6 {
apply-path "protocols bgp group <*> neighbor <*:*>";
}
and you can then use these prefix-lists in firewall configuration later to
protect your router and permit bgp traffic only from peers you have in your
configuration.
--
tarko
More information about the juniper-nsp
mailing list