[94601] in North American Network Operators' Group
Re: Route Reflector architecture and how to get small customer blocks in to BGP?
daemon@ATHENA.MIT.EDU (Joe Provo)
Sun Jan 28 16:13:13 2007
Date: Sun, 28 Jan 2007 16:12:11 -0500
From: Joe Provo <nanog-post@rsuc.gweep.net>
To: NANOG <nanog@merit.edu>
Reply-To: nanog-post@rsuc.gweep.net
In-Reply-To: <C349E401-A2C7-4F37-8B92-AFB51B8A6758@tcb.net>
Errors-To: owner-nanog@merit.edu
On Sun, Jan 28, 2007 at 10:59:50AM -0700, Danny McPherson wrote:
[snip]
> o If you're going to use redistribution - or not - ensure that all
> external advertisement policies require explicit match of advertise
> communities and default is to deny
This should be just good security policy. I think of it as a
network-level instance of "that which is not expressly permitted
is denied" which everyone applies for services on their hosts,
right :-)
Cheers,
Joe
--
RSUC / GweepNet / Spunk / FnB / Usenix / SAGE
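
The export rule discussed in this message, as an added example that is not part of the original post or from either poster: a small first-match policy evaluator run over a constructed route table, comparing a deny-list export policy with the explicit-match, default-deny one. The community values, prefixes and names are assumptions chosen for illustration.

```python
from dataclasses import dataclass

ADVERTISE = "64500:100"   # constructed community: "announce to external neighbors"
FROM_PEER = "64500:200"   # constructed community: "learned from a peer"

@dataclass(frozen=True)
class Route:
    prefix: str
    origin: str                        # how the route entered BGP
    communities: frozenset = frozenset()

@dataclass(frozen=True)
class Term:
    action: str                        # "permit" or "deny"
    community: str                     # term matches routes carrying this community

def evaluate(policy, default, route):
    """First matching term wins; `default` applies when no term matches."""
    for term in policy:
        if term.community in route.communities:
            return term.action
    return default

def exported(policy, default, rib):
    """Prefixes the policy would announce to an external neighbor."""
    return [r.prefix for r in rib if evaluate(policy, default, r) == "permit"]

def leaks(policy, default, rib):
    """Announced prefixes that were never tagged for external advertisement."""
    return [r.prefix for r in rib
            if evaluate(policy, default, r) == "permit"
            and ADVERTISE not in r.communities]

# Constructed route table using documentation prefixes (RFC 5737).
RIB = [
    Route("192.0.2.0/24", "static, tagged at redistribution", frozenset({ADVERTISE})),
    Route("198.51.100.0/25", "static, tag forgotten"),
    Route("203.0.113.1/32", "connected loopback"),
    Route("203.0.113.128/25", "ebgp peer", frozenset({FROM_PEER})),
]

# Weak: block what is known to be unwanted, let everything else through.
DENY_LIST = ([Term("deny", FROM_PEER)], "permit")
# Explicit match on the advertise community, default deny.
EXPLICIT = ([Term("permit", ADVERTISE)], "deny")

if __name__ == "__main__":
    for name, (policy, default) in (("deny-list", DENY_LIST), ("explicit", EXPLICIT)):
        print(name, "exports", exported(policy, default, RIB),
              "leaks", leaks(policy, default, RIB))
```

Under the default-deny policy the untagged static block is simply not announced, so a forgotten tag shows up as a missing advertisement rather than as an unintended one.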