Re: Route Reflector architecture and how to get small customer blocks in to BGP?

• From: Joe Provo
• Date: Sun Jan 28 16:14:37 2007

On Sun, Jan 28, 2007 at 10:59:50AM -0700, Danny McPherson wrote:
[snip]
> o If you're going to use redistribution - or not - ensure that all
> external advertisement policies require explicit match of advertise
> communities and default is to deny

This should be just good security policy. I think of it as a 
network-level instance of "that which is not expressly permitted 
is denied" which everyone applies for services on their hosts,
right :-)

Cheers,

Joe
-- 
             RSUC / GweepNet / Spunk / FnB / Usenix / SAGE

• References:
  • Route Reflector architecture and how to get small customer blocks in to BGP? Pete Crocker
  • Re: Route Reflector architecture and how to get small customer blocks in to BGP? Joe Provo
  • Re: Route Reflector architecture and how to get small customer blocks in to BGP? Danny McPherson

• Prev by Date: Re: Route Reflector architecture and how to get small customer blocks in to BGP?
• Next by Date: RE: Route Reflector architecture and how to get small customer blocks in to BGP?
• Date Index
• Thread Index
• Author Index
• Historical