Re: accesslist.....bgp [7:42098]

Sat, 20 Apr 2002 21:59:25 -0700 

Stanzin,  Chuck,
           I had this happen to me the other day when one of our
engineers made a change to the ACL on one of our BGP peer
connections.  Typically all the ACLs are the same on all of our BGP
connections, so when trouble shooting the problem some assumtions were
made.   The problem ended up being that on a number of our connections we
use the provider space to p-t-p connections. A few of the other
connections are made using our own IP space. The engineer forgot to add a
permit statement to the ACL to allow for the p-t-p links.  Although there
was a "permit ip any any" at the end of the list, the anti-spoofing part
of the ACL that read "deny ip 192.168.0.0 0.0.0.0 any" denied the BGP
peering relationship.  This also filtered all icmp traffic as well.  The
other interesting thing here is the local interface could not be ping'd
as well...:->

We get to have to much fun I think.. 

P.S. Chuck what's been going on?  Drop me a line..

Nigel

>From: "Chuck" >Reply-To: "Chuck" >To: [EMAIL PROTECTED] >Subject: Re:
accesslist.....bgp [7:42098] >Date: Sun, 21 Apr 2002 00:17:18 -0400 > >we
give up. post the access-list > > >""Stanzin Takpa"" wrote in message
>[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Hi , > > I came across
a strange situation. > > I am running bgp b/w two routers(cisco).
Whenever I configure access-list > > on one of the router,the bgp routes
from the router on which I configure >acl > > are getting disappearin 'sh
ip routes ' > > and I am not able to ping from one n/w to the other . > >
> > What could be the problem / > > > > > > Stanz > > > > >Message Posted
at: >http://www.groupstudy.com/form/read.php?f=7&i=42118&t=42098
>-------------------------------------------------- >FAQ, list archives,
and subscription info: http://www.groupstudy.com/list/cisco.html >Report
misconduct and Nondisclosure violations to [EMAIL PROTECTED]

------------------------------------------------------------------------

Get your FREE download of MSN Explorer at http://explorer.msn.com.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=42120&t=42098
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to