Hi experts,
I was reading through bgp Router hardening.
we use ip prefix-list matching 10.0.0.0/8 le 32 for denying the RFC 1918
prefixes to be received by our AS...Right?
But what if someone advertises us the 10.0.0.0/7 route (aggregate address),
we will accept that coz that is not matching the above Prefix list criteria.
Shouldn't we be using something like below to match any mask for the 10
network
"ip prefix-list deny 10.0.0.0/0 le 32"
I labbed up this scenario and the result is not desirable (I am accepting
10.0.0.0/7 routes).
Need your advice why we use this notion "10.0.0.0/8 le 32".
Thanks,
Gops
Blogs and organic groups at http://www.ccie.net
Received on Thu Nov 04 2010 - 17:38:02 ART
This archive was generated by hypermail 2.2.0 : Sun Dec 05 2010 - 22:14:55 ART