[j-nsp] Dynamic generation of interface IPs of OSPF neighbo(u)rs ?
Jensen Tyler
JTyler at fiberutilities.com
Fri Jan 28 12:49:00 EST 2011
You could filter by configured interface and IP Space you own( or use in your core). Not what you are looking for but easy to do.
-----Original Message-----
From: juniper-nsp-bounces at puck.nether.net [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf Of David Ball
Sent: Friday, January 28, 2011 11:37 AM
To: Juniper-Nsp
Subject: [j-nsp] Dynamic generation of interface IPs of OSPF neighbo(u)rs ?
Brain stuck in Friday mode. I've created a prefix-list using apply-path
which looks at 'protocols bgp group <*> neighbor <*>' to get a list of my
BGP neighbour IPs. Works fine. Now I'm trying to think of a way to do the
same with OSPF neighbor IPs (and perhaps even LDP, RSVP, etc). Not quite as
easy since they're not all listed together in 1 spot anywhere, so I'm trying
to figure out how or if it's possible to dynamically generate such a list.
What I'm trying to create is a firewall filter for lo0 which only allows
appropriate traffic to the RE, such that if one of our operators adds a new
OSPF interface, they won't have to remember to update the firewall filter.
As stated above, the stanza to allow BGP was easy, but I can't think of a
way for the other protocols. Trying to avoid manually maintaining a
prefix-list which contains all of said IPs. Is commit scripts my only path
to glory ?
David
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list