[NANOG] peering between ASes

• Previous message (by thread): [NANOG] peering between ASes
• Next message (by thread): [NANOG] peering between ASes
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 17/05/2008, at 5:30 PM, Matthew Moyle-Croft wrote:
>> If you really need to, you can get a similar effect by using  
>> ASPATH  poisoning; just prepend your AS paths with the ASes you  
>> don't want  those prefixes hitting.
>>
>> ..
>>  Nothing really about how it works in a MLPA IXP though.
>>
> It'd work, but it's a pretty evil thing to do and it's a fairly easy  
> to get around surely (neighbor 1.1.1.1 allowas-in on IOS).

"If you really need to". Geoff's thing also says "controversial".

If the foreign AS really wants to send you routes that way, they can  
do it regardless of how you stop your advertisements being accepted by/ 
reaching them. We're hardly talking high security here.

ip route <prefix> <netmask> 1.1.1.1 works a treat.

--
Nathan Ward

• Previous message (by thread): [NANOG] peering between ASes
• Next message (by thread): [NANOG] peering between ASes
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]