[NANOG] peering between ASes
Nathan Ward
nanog at daork.net
Sat May 17 05:36:20 UTC 2008
On 17/05/2008, at 5:30 PM, Matthew Moyle-Croft wrote:
>> If you really need to, you can get a similar effect by using
>> ASPATH poisoning; just prepend your AS paths with the ASes you
>> don't want those prefixes hitting.
>>
>> ..
>> Nothing really about how it works in a MLPA IXP though.
>>
> It'd work, but it's a pretty evil thing to do and it's a fairly easy
> to get around surely (neighbor 1.1.1.1 allowas-in on IOS).
"If you really need to". Geoff's thing also says "controversial".
If the foreign AS really wants to send you routes that way, they can
do it regardless of how you stop your advertisements being accepted by/
reaching them. We're hardly talking high security here.
ip route <prefix> <netmask> 1.1.1.1 works a treat.
--
Nathan Ward
More information about the NANOG
mailing list