[j-nsp] bgp route
Erdem Sener
erdems at gmail.com
Sun Oct 23 15:55:36 EDT 2005
there should be a command in junos/bgp (which I obviously don't
recall) for 'accept connections from configured bgp peers only'. maybe
this might do the trick as well
On 10/23/05, Tarko Tikan <tarko at lanparty.ee> wrote:
> hi!
>
> > i am getting the following messages in my log file. Is it an attack or
> > is there any miscononfiguration on my router. any idea ?
>
> It would be good idea to protect your router with filter attached to lo0
> interface. For more information, see
> http://www.qorbit.net/documents/junos-template.htm and
> http://www.cymru.com/gillsr/documents/junos-bgp-template.pdf and many other
> documents you can find via google.
>
> But long story short, have something like this:
>
> prefix-list management-BGP {
> apply-path "protocols bgp group <*> neighbor <*>";
> }
> prefix-list management-BGP-v6 {
> apply-path "protocols bgp group <*> neighbor <*:*>";
> }
>
> and you can then use these prefix-lists in firewall configuration later to
> protect your router and permit bgp traffic only from peers you have in your
> configuration.
>
> --
> tarko
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list