Re: The Gorgon's Knot. Was: Re: Verio Peering Question
| > ip as-path access-list 1 permit _badguy_ | > | > route-map fix-badguy permit 10 | > descr proxy-aggregate the networks who are "holey" | > match as-path 1 | > | > router bgp my-as | > aggregate-address bad.guy.blo.ck1 255.255.224.0 as-set suppress-map fix-badguy | > aggregate-address bad.guy.blo.ck2 255.255.224.0 as-set suppress-map fix-badguy | > ... | | And one aggregates a lone /24 with what? Oh yay, a bona fide techical question. The answer: ACL 1 need not match only one AS as-set is there to deal with matches on multiple AS paths since we want to avoid looping announcements. conveniently, not only does it handle the case where ACL 1 matches lots of AS paths containing _X_, it can equally handle the case where ACL 1 matches lots of AS paths containing _Y_. Next time I use the example I will remember to make ACL 1 longer, and change "bad.guy.blo.ck1" (etc) into something along the lines of "poo.rag.gre.g81", but perhaps more aesthetically pleasing. Sean.
participants (1)
-
smd@clock.org