[j-nsp] bgp maxas-limit - JUNOS equivalent ???
Jared Mauch
jared at puck.nether.net
Fri Feb 20 12:33:52 EST 2009
On Feb 20, 2009, at 12:13 PM, Richard A Steenbergen wrote:
> On Fri, Feb 20, 2009 at 02:21:24PM +0100, david.roy at orange-
> ftgroup.com wrote:
>>
>> Hi,
>>
>> You can do it via a policy like this :
>>
>> Here MAX AS PATH equal to 20.
>
> Don't get too overzealous here. From my perspective I currently see
> over
> 160 prefixes with as-path >= 20, so blocking them would break
> legitimate
> announcements for no good reason. There was nothing out-of-spec or
> invalid about the > 255 as-path, it was purely an implementation bug
> on
> vendor C's part.
I really feel the need to echo this, if you have a cisco device that
reset the bgp session as a result of this (technically) valid AS-PATH
you need to be careful to not suppress valid routes and isolate your
network from part of the world. Perhaps you don't care, but having
seen people not update bogon prefix lists, I fear the same here if not
well maintained. You really should manage your IOS code as necessary
and not add these config bits until you know when you're removing them.
- Jared
More information about the juniper-nsp
mailing list