[afnog] Private IP Filters in bgp
Heinrich Strauss
heinrich at hstrauss.co.za
Mon May 28 05:19:07 UTC 2012
Just to reiterate something from Randy's example (which may have gone
unnoticed):
100.64.0.0/10 should also be filtered.
This was desginated for "Shared Address Space" as per
http://www.rfc-editor.org/rfc/rfc6598.txt
Regards,
Heinrich
On 2012/05/27 11:26, Randy Bush wrote:
> i just looked at what i do in ios classic, and it is a bit perverse
>
> no ip prefix-list v4-bogons
> ip prefix-list v4-bogons permit 0.0.0.0/8 le 32
> ip prefix-list v4-bogons permit 10.0.0.0/8 le 32
> ip prefix-list v4-bogons permit 100.64.0.0/10 le 32
> ip prefix-list v4-bogons permit 127.0.0.0/8 le 32
> ip prefix-list v4-bogons permit 169.254.0.0/16 le 32
> ip prefix-list v4-bogons permit 172.16.0.0/12 le 32
> ip prefix-list v4-bogons permit 192.0.2.0/24 le 32
> ip prefix-list v4-bogons permit 192.168.0.0/16 le 32
> ip prefix-list v4-bogons permit 223.0.0.0/8 le 32
> ip prefix-list v4-bogons permit 224.0.0.0/3 le 32
> ...
> route-map ebgp4-in deny 1
> match ip address prefix-list v4-bogons
>
> randy
More information about the afnog
mailing list