===== reject_bogon_asns ===== policy-options { as-path-group bogon-asns { /* RFC7607 */ as-path zero ".* 0 .*"; /* RFC 4893 AS_TRANS */ as-path as_trans ".* 23456 .*"; /* RFC 5398 and documentation/example ASNs */ as-path examples1 ".* [64496-64511] .*"; as-path examples2 ".* [65536-65551] .*"; /* RFC 6996 Private ASNs*/ as-path reserved1 ".* [64512-65534] .*"; as-path reserved2 ".* [4200000000-4294967294] .*"; /* RFC 6996 Last 16 and 32 bit ASNs */ as-path last16 ".* 65535 .*"; as-path last32 ".* 4294967295 .*"; /* RFC IANA reserved ASNs*/ as-path iana-reserved ".* [65552-131071] .*"; } policy-statement import_from_ebgp { term bogon-asns { from as-path-group bogon-asns; then reject; } term ..... } } ===== reject_bogon_prefixes ===== whois -h whois.radb.net fltr-martian policy-options { prefix-list BOGONS_v4 { 0.0.0.0/8; 10.0.0.0/8; 100.64.0.0/10; 127.0.0.0/8; 169.254.0.0/16; 172.16.0.0/12; 192.0.2.0/24; 192.88.99.0/24; 192.168.0.0/16; 198.18.0.0/15; 198.51.100.0/24; 203.0.113.0/24; 224.0.0.0/4; 240.0.0.0/4; } policy-statement BGP_FILTER_IN { term IPv4 { from { prefix-list BOGONS_v4; } then reject; } } } ===== reject_transit_paths ===== policy-options { policy-statement bgp-import-policy { term no-transit-leaks { from as-path no-transit-import-in; then reject; } } } as-path no-transit-import-in ".* (174|209|701|702|1239|1299|2914|3257|3320|3356|3549|3561|4134|5511|6453|6461|6762|7018) .*"; ===== reject_small_prefixes ===== policy-options { policy-statement bgp-import-policy { term reject_too_small_prefixes_v4 { from { route-filter 0.0.0.0/0 prefix-length-range /25-/32; } then { reject; } } } }