On Fri, Jan 18, 2002 at 04:03:35PM -0500, Stephen Griffin wrote:
In the referenced message, Jared Mauch said:
You may want to consider using tftp/rcp/whatnot loaded files for this.
As it loads [most if not all depending on the config length] all of the config then parses it promptly.
this will prevent leakage in rare cases.
- jared
I have noted that even tftp-loaded files run the risk of a BGP scan occuring between the parsing of "no access-list foo" and the parsing of the first "access-list foo" line. It appears Brand C takes the non-existance of an access-list to mean "implicit permit". I think this is probably the source of much of the seen mini-leaks.
i had a mini-leak that was only related to an adjacent router rebooting that also originated the p2p /30 i think there is some bug w/ community based filtering that allowed it to leak. (i am following up with the related vendor) - jared -- Jared Mauch | pgp key available via finger from jared@puck.nether.net clue++; | http://puck.nether.net/~jared/ My statements are only mine.