[93459] in North American Network Operators' Group
Re: "Neighbor maximum-prefix" option on routers
daemon@ATHENA.MIT.EDU (Mikael Abrahamsson)
Mon Nov 20 06:55:31 2006
Date: Mon, 20 Nov 2006 12:49:23 +0100 (CET)
From: Mikael Abrahamsson <swmike@swm.pp.se>
To: nanog@nanog.org
In-Reply-To: <20061120085306.GA23127@shekinah.ip.tiscali.net>
Errors-To: owner-nanog@merit.edu
On Mon, 20 Nov 2006, Alexander Koch wrote:
>
> On Mon, 20 November 2006 09:03:17 +0100, Mikael Abrahamsson wrote:
> [..]
>> Having both max-prefix and route-map and prefix-list makes for good
>> engineering over time.
>
> Ain't that a bit over-engineered? If you have a prefix list
> (presumably to a customer) do you want to seriously shutdown
> the session when he sends you random prefixes because it is
> easy to break when you are new to it? Would create unneeded
> tickets I'd say. Prefix lists (exact match) with no max-prefix
> (as those are then rejected anyway) work fine here...

I believe max-prefix works after the prefix-list is applied (so it'll do
max-prefix on the prefixes that are allowed by the prefix-list) but I
haven't tried so I don't know for sure.

Anyone tried it and know for a fact what the behaviour is?

If it is the way I believe then I'd say that having a prefix list and
setting max-prefix to 200 or so (for a small customer) protects against
someone accidentally borking up the prefix-list or route-map and protects
your network in that case.

--
Mikael Abrahamsson email: swmike@swm.pp.se
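
The two orderings raised in this message (max-prefix counted before or after the prefix-list), as an added example that is not part of the original post and does not reproduce any router vendor's implementation. The function name, the count_after_filter switch and all sample prefixes are assumptions made for illustration; the model does not say which ordering a particular router uses.

```python
"""Model of an inbound BGP session with an exact-match prefix-list and max-prefix.

Illustrative model only (hypothetical names, not vendor code).
count_after_filter selects which of the two orderings is simulated.
"""
from ipaddress import ip_network
from itertools import islice


def evaluate_session(announced, prefix_list, max_prefix, count_after_filter):
    """Return (session_state, accepted_prefixes) for one batch of announcements.

    prefix_list=None models a prefix-list that was accidentally removed or
    replaced by a permit-any, so every announcement passes the filter.
    """
    announced = [ip_network(p) for p in announced]
    if prefix_list is None:
        permitted = list(announced)
    else:
        allowed = {ip_network(p) for p in prefix_list}
        permitted = [p for p in announced if p in allowed]  # exact match only

    # The open question in the thread: which set does the limit count?
    counted = permitted if count_after_filter else announced
    if len(counted) > max_prefix:
        return "torn-down", []  # limit exceeded, nothing is installed
    return "established", permitted


# Constructed sample data: two legitimate customer prefixes plus 300 leaked /24s.
CUSTOMER_LIST = ["192.0.2.0/24", "198.51.100.0/24"]
LEAK = [str(n) for n in islice(ip_network("10.0.0.0/8").subnets(new_prefix=24), 300)]
ANNOUNCED = CUSTOMER_LIST + LEAK

if __name__ == "__main__":
    cases = [
        ("intact list, limit counted after filter", CUSTOMER_LIST, True),
        ("intact list, limit counted before filter", CUSTOMER_LIST, False),
        ("broken list, limit counted after filter", None, True),
    ]
    for label, plist, after in cases:
        state, accepted = evaluate_session(ANNOUNCED, plist, 200, after)
        print(f"{label}: {state}, {len(accepted)} prefixes accepted")
```

With the limit counted after the filter, an intact prefix-list drops the leak without a session reset, and the limit only trips when the list itself is broken.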