Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

BGP/bogons

Hi I'm managing a few bgp peers. Two questions 1) just need to know how everyone is updating their bogon filters what the easiest way to do this work is?

2)When changing the weight of a peer I don't see the changes after a clear soft in command.

1 REPLY
Silver

Re: BGP/bogons

If the autosec_iana_reserved_block acl or autosec_complete_bogon aclis applied to the edge interfaces of network devices and these acls are not kept upto date, network connectivity problems will be seen. Traffic from the recently allocated reserved addresses will be blocked thus isolating customers with these addresses.

If the network administrator has already configured autosecure and applied the

autosec_iana_reserved_block acl or autosec_complete_bogon acl to the

edge interfaces, he/she can do the following:

1. Detach the acl from the edge interfaces.

2. Rollback to a config saved prior to configuring autosecure and then

reconfigure autosecure safely as outlined below.

Autosecure can be safely configured for the first time (or

reconfigured after rollback) avoiding the above problem as follows:

1. Use non-interactive mode OR

2. Use interactive mode but

(a) Answer "no" to the question "Configure Ingress Filtering on edge

interfaces?" OR

(b) Choose option 2 i.e. "Apply autosec_private_block acl on all

edge interfaces"

169
Views
0
Helpful
1
Replies