North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Best practice ACLs for a internet facing border router?

  • From: matthew zeier
  • Date: Mon Jun 13 14:24:37 2005

Drew Weaver wrote:
	I'm just curious if anyone has ever published a list of what is
an agreed upon best practice list of ACLs for an internet facing border
router. I'm talking about things like bogons, private Ip addresses, et
cetera. If anyone is aware of anything like this I'd like to see it.
Depending on your flavor of router, you might need to take multiple approaches.

On my 12000s, I'm only using RACLs (beyond prefix filtering) and do more specific ACLs closer down to the "core".

matthew zeier - "Curiosity is a willing, a proud, an eager confession
of ignorance." - Leonard Rubenstein