>Hello,
>
>Does anyone know how to tell the router to allow all AS's except for
>Private AS's for Ingress traffic? I know that .* tells it to allow all
>paths, but how do I exclude 65xxx (Private AS's)?
>
>I know about the keyword "remove-private-as", but this is for Egress
>(outbound) traffic. As far as I know it's for when your using
>confederations and such.
>
>Is this something I need to be concerned with? I'm not sure if this is
>something I should be spending my time on or not. Is it necessary to
>block inbound Private AS's? Please excuse my ignorance, I'm still
>learning!
>
>Thank You,
>Andre
Interesting question, which, I must admit, I've never thought about
or seen raised in operational forums. The concern tends to be much
more with the validity of prefixes than of ASN's.
If you were not a major transit provider, I don't think it would be
too likely to be a problem.
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]