Community discussions

MUM Europe 2020
 
User avatar
Equis
Forum Veteran
Forum Veteran
Topic Author
Posts: 888
Joined: Mon Jun 06, 2005 6:48 am

BGP

Tue Apr 15, 2008 7:12 am

Hello

I have setup BGP that is working fine.

The problem I have is I want to annonce all my routes (ospf) but when I check that box it spits out all my internal routes also.

I setup a filter and also aggregats but it still advertises the routes I don't want.

Any help would be welcome

Thanks :-)
 
ste
Forum Guru
Forum Guru
Posts: 1815
Joined: Sun Feb 13, 2005 11:21 pm

Re: BGP

Tue Apr 15, 2008 10:23 am

Hello

I have setup BGP that is working fine.

The problem I have is I want to annonce all my routes (ospf) but when I check that box it spits out all my internal routes also.

I setup a filter and also aggregats but it still advertises the routes I don't want.

Any help would be welcome

Thanks :-)
Hi,

what is your filter configuration?
Discard at the end of the filter?

Stefan
 
User avatar
Equis
Forum Veteran
Forum Veteran
Topic Author
Posts: 888
Joined: Mon Jun 06, 2005 6:48 am

Re: BGP

Tue Apr 15, 2008 10:27 am

/routing filter
add action=reject chain=speedweb-out comment="" disabled=no invert-match=no prefix=192.168.0.0/16
add action=reject chain=speedweb-out comment="" disabled=no invert-match=no prefix=10.0.0.0/8
add action=accept chain=speedweb-out comment="" disabled=no invert-match=no prefix=203.X.X.0/22
add action=accept chain=speedweb-out comment="" disabled=no invert-match=no prefix=125.X.X.0/21
add action=reject chain=speedweb-out comment="" disabled=no invert-match=no prefix=0.0.0.0

Thanks :-)
 
ste
Forum Guru
Forum Guru
Posts: 1815
Joined: Sun Feb 13, 2005 11:21 pm

Re: BGP

Tue Apr 15, 2008 10:41 am

/routing filter
add action=reject chain=speedweb-out comment="" disabled=no invert-match=no prefix=192.168.0.0/16
add action=reject chain=speedweb-out comment="" disabled=no invert-match=no prefix=10.0.0.0/8
add action=accept chain=speedweb-out comment="" disabled=no invert-match=no prefix=203.X.X.0/22
add action=accept chain=speedweb-out comment="" disabled=no invert-match=no prefix=125.X.X.0/21
add action=reject chain=speedweb-out comment="" disabled=no invert-match=no prefix=0.0.0.0

Thanks :-)
Take a deep look at the last line ;-))).
You do not announce prefix 0.0.0.0/32 but everything else.
Leave prefix-Field empty. And check last line of your firewall rules, too :shock:
I've had the same problem. I was wondering why I got ssh attacks. But my
last rule was drop all traffic that comes from 0.0.0.0.

Stefan
 
User avatar
Equis
Forum Veteran
Forum Veteran
Topic Author
Posts: 888
Joined: Mon Jun 06, 2005 6:48 am

Re: BGP

Tue Apr 15, 2008 10:53 am

OK

I will try that.
Its does work, its just anonces EVERYTHING in my Routing Table

Who is online

Users browsing this forum: No registered users and 41 guests