[j-nsp] Tracking VRF Targets
Saku Ytti
saku at ytti.fi
Tue Jun 11 05:48:00 EDT 2013
On (2013-06-11 05:26 -0400), Paul Stewart wrote:
> network. Our eBGP connections are all community driven as well and we
> want to avoid assigning VRF-target that may conflict with them.
If you exchange extended communities with your eBGP, you should make sure
you don't accept any unexpected communities from your peers.
That is, if target:12345:2049 has special meaning in your network, which
you don't want to allow peer to signal, then simply delete those
communities from incoming advertisement. You likely want to delete all
target:12345:.*
--
++ytti
More information about the juniper-nsp
mailing list