[14622] in North American Network Operators' Group
BGP community based IP filtering
daemon@ATHENA.MIT.EDU (Matt Ryan)
Thu Jan 15 09:41:22 1998
Date: Thu, 15 Jan 1998 14:18:21 -0000 (GMT)
From: Matt Ryan <matt@planet.net.uk>
To: nanog@merit.edu
I've been having an email discussion with a couple of Cisco engineers about
how useful BGP community based IP filtering might be. The following IOS
config fragment might help explain what I'm getting at:
int fddi0
ip access-group community-list 10 in
!
ip community-list 10 permit AA:BB
ip community-list 10 permit CC:DD
!
If you are using communities to make your prefix announcements to peers,
this then allows the router to filter incoming IP packets that match your
announcements. Excepting things like CPU load, implementation details, etc
do you think this would be helpful, or am I way off with this?
Regards
Matt.
---
Matt Ryan - Network Engineer matt@planet.net.uk
Planet OnLine Ltd, The White House, Tel: +44 113 2345566
Melbourne Street, Leeds, LS2 7PS, UK Fax: +44 113 2240003
