I use a very very stupid method to do it..... But it works.... I found that
all private AS path cannot be identified simply by the AS number.... That
is, you apply an ASpath filtering list likes "sh ip bgp reg ^65001_" will
not be able to display path beginning with 65001.
I tried serveral methods.... at last I found this.
"sh ip bgp reg ^.65001._".....
Is this what you want?
"root" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hello,
>
> Does anyone know how to tell the router to allow all AS's except for
> Private AS's for Ingress traffic? I know that .* tells it to allow all
> paths, but how do I exclude 65xxx (Private AS's)?
>
> I know about the keyword "remove-private-as", but this is for Egress
> (outbound) traffic. As far as I know it's for when your using
> confederations and such.
>
> Is this something I need to be concerned with? I'm not sure if this is
> something I should be spending my time on or not. Is it necessary to
> block inbound Private AS's? Please excuse my ignorance, I'm still
> learning!
>
> Thank You,
> Andre
>
> _________________________________
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
