BGP conf

• Previous message (by thread): BGP conf
• Next message (by thread): BGP conf
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 11/2/2011 8:58 PM, Jeff Wheeler wrote:
> On Wed, Nov 2, 2011 at 8:44 PM, Jack Bates<jbates at brightok.net>  wrote:
>> Now I have the mile long monstrosity that uses BGP communities for
>> everything, and of route-maps/policies with prefix-lists for downstream
>> customers. You have to start somewhere.
>>
>> cymru secure bgp templates is probably a good beginning.
> I guess ten years of watching RIRs and users de-bogon new /8s didn't
> teach you why those Cymru examples are more dangerous than they are
> good.
>
Have to read the current cymru bgp templates?

"

! Team Cymru has removed all static bogon references from this template
! due to the high probability that the application of these bogon filters
! will be a one-time event. Unfortunately many of these templates are
! applied and never re-visited, despite our dire warnings that bogons do
! change.
!
! This doesn't mean bogon filtering can't be accomplished in an automated
! manner. Why not consider peering with our globally distributed bogon
! route-server project? Alternately you can obtain a current and well
! maintained bogon feed from our DNS and RADb services. Read more at the
! link below to learn how!
!
! 	https://www.team-cymru.org/Services/Bogons/
"

• Previous message (by thread): BGP conf
• Next message (by thread): BGP conf
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]