I disagree.. how about this: access-list 50 deny 0.0.0.0 0.0.0.31 or for those brave folk: access-list 50 deny 0.0.0.0 0.0.0.255 The extended access-list is used in the classic "FROM ip" and "TO ip" application. My point was to use the standard access-list applied to a BGP session. The only thing I can think of that you would need a FROM/TO senerio in would be peering with Route Servers, although in this case I use route-maps filtering on path and by address. I don't even think an extended access-list will apply to a bgp session, but I could be wrong. Your BGP peer config is going to look something like this with a standard access-list : router bgp 7171 neighbor 198.32.69.69 remote-as 6969 ; sorry about your luck N2K Inc. neighbor 198.32.69.69 version 4 neighbor 198.32.69.69 distribute-list 50 in neighbor 198.32.69.69 route-map as-customers out access-list 50 deny 0.0.0.0 0.0.0.0 access-list 50 deny 0.0.0.0 0.0.0.31 access-list 50 deny 127.0.0.0 0.255.255.255 access-list 50 deny 10.0.0.0 0.255.255.255 etc... Todd R. Stroup Fiber Network Solutions, Inc. On Tue, 23 Sep 1997, Alec H. Peterson wrote:
On Tue, Sep 23, 1997 at 12:43:29PM -0400, Todd R. Stroup wrote:
Why not use a standard access-list like :
Because some people like to do prefix length filtering as well, in which case you need to use an extended access list.
Alec
-- +------------------------------------+--------------------------------------+ |Alec Peterson - ahp@hilander.com | Erols Internet Services, INC. | |Network Engineer | Springfield, VA. | +------------------------------------+--------------------------------------+