26 Jan
2012
26 Jan
'12
5:02 a.m.
If you're a little bigger and have BGP customers, then I highly recommend use of BGP communities to control your outbound route filtering. By defining and setting communties on received customer routes, you can turn up new BGP customers without having to modify anything beyond the router they're connected to. It amazes me that there are large networks still not setup this way. "You need an after hours maintenance window to turn up a BGP customer?" "Yeah, we have to modify the prefix list filters on all our backbone routers." WTF?
What about traffic filtering? You may use RPF for ingress traffic, but what to do about egress? Or does your router write those ACLs based on BGP community? thanks Thilo