Ferramentas do usuário
docs:bgp-filter-examples
Essa é uma revisão anterior do documento!
Tabela de conteúdos
reject_bogon_asns
policy-options {
as-path-group bogon-asns {
/* RFC7607 */
as-path zero ".* 0 .*";
/* RFC 4893 AS_TRANS */
as-path as_trans ".* 23456 .*";
/* RFC 5398 and documentation/example ASNs */
as-path examples1 ".* [64496-64511] .*";
as-path examples2 ".* [65536-65551] .*";
/* RFC 6996 Private ASNs*/
as-path reserved1 ".* [64512-65534] .*";
as-path reserved2 ".* [4200000000-4294967294] .*";
/* RFC 6996 Last 16 and 32 bit ASNs */
as-path last16 ".* 65535 .*";
as-path last32 ".* 4294967295 .*";
/* RFC IANA reserved ASNs*/
as-path iana-reserved ".* [65552-131071] .*";
}
policy-statement import_from_ebgp {
term bogon-asns {
from as-path-group bogon-asns;
then reject;
}
term .....
}
}
reject_bogon_prefixes
policy-options {
prefix-list BOGONS_v4 {
0.0.0.0/8;
10.0.0.0/8;
100.64.0.0/10;
127.0.0.0/8;
169.254.0.0/16;
172.16.0.0/12;
192.0.2.0/24;
192.88.99.0/24;
192.168.0.0/16;
198.18.0.0/15;
198.51.100.0/24;
203.0.113.0/24;
224.0.0.0/4;
240.0.0.0/4;
}
policy-statement BGP_FILTER_IN {
term IPv4 {
from {
prefix-list BOGONS_v4;
}
then reject;
}
}
}
reject_transit_paths
reject_small_prefixes
policy-options {
policy-statement bgp-import-policy {
term reject_too_small_prefixes_v4 {
from {
route-filter 0.0.0.0/0 prefix-length-range /25-/32;
}
then {
reject;
}
}
}
}
docs/bgp-filter-examples.1548162823.txt.gz · Última modificação: 2019/01/22 11:13 por marcelo
Ferramentas da página
