On Feb 20, 2009, at 12:13 PM, Richard A Steenbergen wrote:
On Fri, Feb 20, 2009 at 02:21:24PM +0100, david....@orange-
ftgroup.com wrote:
Hi,
You can do it via a policy like this :
Here MAX AS PATH equal to 20.
Don't get too overzealous here. From my perspective I currently see
over
160 prefixes with as-path >= 20, so blocking them would break
legitimate
announcements for no good reason. There was nothing out-of-spec or
invalid about the > 255 as-path, it was purely an implementation bug
on
vendor C's part.
I really feel the need to echo this, if you have a cisco device that
reset the bgp session as a result of this (technically) valid AS-PATH
you need to be careful to not suppress valid routes and isolate your
network from part of the world. Perhaps you don't care, but having
seen people not update bogon prefix lists, I fear the same here if not
well maintained. You really should manage your IOS code as necessary
and not add these config bits until you know when you're removing them.
- Jared
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
