28 Mar
2013
28 Mar
'13
8:20 a.m.
If you are doing strict BGP prefix-filter, it's either very easy to generate ACL while at it Yes and that is exactly what needs to become a habit for all the operators. We all do care what our neighbors advertise to us or what prefixes we accept from them. But only a few really do care whether that's actually what is leaving our neighbor's network.
It's a pity that rpf is not "on" by default for interfaces over which the ebgp session is configured. adam