No, the filter lists would only be to prevent the default route from being advertised back out the other upstream link. Note that usually the BGP AS-path loop avoidance rules will prevent a problem in this scenario (especially with only the default route being advertised), but in a more advanced scenario, or if the upstream ISP were using 2 ASNs, one for each link (who knows, but sometimes it happens), then the ISP could consider this poor guy's 2 2600's as a short path back to the rest of their network.
I think the general rule of thumb is always filter BGP advertisements. I like to be in complete control of what I'm advertising to other ASs. On Sat, 2002-07-27 at 14:27, Stephane LITKOWSKI wrote: > > A couple of suggestions: > > > > 1) If you run iBGP, be *sure* not to advertize the default route learned > > from one edge router, through iBGP to the other edge router, and back > > out the other upstream. You can use a filter list to prevent that. > > I agree with you about your technique but : > Why do you want to prevent 0.0.0.0 to be advertized via the iBGP ? > I think, if each edge router, advertize his eBGP-learned default route to > his iBGP peer, each edge router have 2 default routes and so will prefer the > EBGP path. And if the EBGP path is lost, iBGP path is used (and so if other > routers are on the same LAN, ICMP redirect is generated pointing to the > second edge router). > NB : I think that HSRP will desactivate ICMP redirects on the configured > interface. And so if u want to use it, u have to reenable it. > > > 2) I would highly recommend running an IGP such as OSPF on all your > > routers. Remember, that's what routers are there for; routing protocols > > don't make things more complicated or flakey, but in fact it simplifies > > things and makes your network more robust. I notice this is a common > > misconception about using only static routes, and I have much experience > > on the matter. Static routes break things, especially when you have > > more than one potential path, like you are suggesting. Don't be afraid > > to let your firewall learn the correct default route from the > > redistributed EGP. > > I think it's really the best (and easier) solution. -- Jason Greenberg, CCNP Network Administrator Execulink, Inc. [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49901&t=49807 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
