[afnog] Private IP Filters in bgp
Yasini Kilima
ykilima at tra.go.tz
Fri May 25 13:41:26 UTC 2012
Thanks Noah I will do it and will feedback
-----Original Message-----
From: Maina Noah [mailto:noah at neo.co.tz]
Sent: Friday, May 25, 2012 3:05 PM
To: Yasini Kilima
Cc: afnog at afnog.org
Subject: Re: Private IP Filters in bgp
> Message: 3
> Date: Fri, 25 May 2012 11:14:22 +0000
> From: Yasini Kilima <ykilima at tra.go.tz>
> To: "afnog at afnog.org" <afnog at afnog.org>
> Subject: [afnog] Private IP Filters in bgp
> Hello Gurus,
Hello Yasin,
> I am trying to create an IP prefix filter to filter bogons Private
> blocks received from one of my peer provider's announcements.
Great.
> I don't want to receive his PRIVATE prefixes what should I do?
Create the access-list like example below that will match the above distribute list defined in ur bgp config.
access-list 100 remark RFC1918-Bogon-prefixes
access-list 100 deny ip host 0.0.0.0 any
access-list 100 deny ip 10.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
access-list 100 deny ip 127.0.0.0 0.255.255.255 255.0.0.0 0.255.255.255
access-list 100 deny ip 169.254.0.0 0.0.255.255 255.255.0.0 0.0.255.255
access-list 100 deny ip 17.16.0.0 0.15.255.255 255.240.0.0 0.15.255.255
access-list 100 deny ip 192.168.0.0 0.0.255.255 255.255.255.0 0.0.0.255
access-list 100 deny ip 223.255.255.0 0.0.0.255 255.255.255.0 0.0.0.255
access-list 100 deny ip 224.0.0.0 31.255.255.255 224.0.0.0 31.255.255.255
access-list 100 deny ip 172.16.0.0 0.15.255.255 255.240.0.0 0.15.255.255
access-list 100 permit ip any any
Then, under your bgp config mode, define a distribute list like;
router bgp xyz
neighbor a.b.c.d distribute-list 100 in
> Please help me!
I hope the above will help.
> Yasini.
>
./noah maina
________________________________
DISCLAIMER: This e-mail and any attachments are proprietary to TANZANIA REVENUE AUTHORITY.Any unauthorized use or interception is illegal. The views and opinions expressed are those of the sender, unless clearly stated as being those of TANZANIA REVENUE AUTHORITY. This e-mail is only addressed to the addressee and TANZANIA REVENUE AUTHORITY shall not be responsible for any further publication of the contents of this e-mail. If this e-mail is not addressed to you, you may not copy, print, distribute or disclose the contents to anyone nor act on its contents. If you received this in error, please inform the sender and delete this e-mail from your computer.
More information about the afnog
mailing list