North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Route Reflector architecture and how to get small customer blocks in to BGP?

  • From: Steve Meuse
  • Date: Sun Jan 28 16:04:06 2007
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=JaYFVlpPJzyl1ELSC8Ad1cr1KOv35DfW4yC0ZFnFpr9Mzs9msAFz69qhTT0dEjG3KE+XkVlXeGcuLjXNXr/TNpMgyUUhVX+sYIV/EfEBOSaGXKXYCTlfXOYm5Vgs//ME2qrkFPzydwjGqLlj/fdp+x9D0l9wCrMxb6KADwVjtJ8=



On 1/28/07, Danny McPherson <[email protected]> wrote:

o If you're going to use redistribution - or not - ensure that all
external advertisement policies require explicit match of advertise
communities and default is to deny


I'll second that recommendation. I learned early in life that this can be a mess otherwise. We employed that technique at BBN/Genu and it kept us from leaking quite nicely. If a provisioning person forgot a customer inbound route-map or something, we didn't accidentally hose ourselves.


--

-Steve