I am assuming your IP addresses are from network 184.108.40.206/16.
You should apply the proper inbound and outbound filters to be sure an ISP failure will not get you in trouble. An example configuration would look like this:
description to ISP
ip address 220.127.116.11 255.255.255.252
router bgp 65000
network 18.104.22.168 mask 255.255.0.0
neighbor 22.214.171.124 remote-as 1
neighbor 126.96.36.199 prefix-list NoTrash in
neighbor 188.8.131.52 filter-list 1 out
neighbor 184.108.40.206 weight 150
ip as-path access-list 1 permit ^$
ip prefix-list NoTrash deny 192.168.0.0/16 le 32
ip prefix-list NoTrash deny 172.16.0.0/12 le 32
ip prefix-list NoTrash deny 10.0.0.0/8 le 32
ip prefix-list NoTrash deny 220.127.116.11/16 le 32
ip prefix-list NoTrash permit 0.0.0.0/0 le 32
ip route 18.104.22.168 255.255.0.0 Null 0 250
This would announce only the official IP addresses to the ISP. Also all RFC1918 routes are blocked. You could extend this and use the BOGON list for filtering, but this would require more maintainance, because you have to adjust the filters from time to time. For a customer it should be sufficient to block all routes you potentially have internally.
Alternatively you can restrict everything accepted to the default route, in case the ISP is willing to send you one (he should have no problem).
ip prefix-list NoTrash permit 0.0.0.0/0
I would NEVER redistribute BGP into your IGP. This could kill your network once a failure - config or IOS - happens. Rather use a default route created by your IGP. An example:
there are enterprises handling the full BGP table as well. This is usually the case, when there are two ISPs for redundancy. In case you have only one ISP, a default route might just be enough.
A1) the prefix-list will not allow updates about your own networks. This could happen, if someone in the Internet is announcing your addresses (by error ...).
BGP will only insert a network into the BGP table if the exact match is found in the IP routing table. Thus ip route 22.214.171.124 255.255.0.0 Null 0 250 "organizes" this required entry. The assumption is, that in reality subnetting will be used and thus 126.96.36.199/16 is not present in the routing table.
2) There is no further config required in OSPF. You could however omitt the "always" to conditionally advertise a default route, IF it is found in the routing table. This requires however your ISP to announce one or you use static default route.
3) The priority can be given by setting a different cost value in OSPF "default-information ... metric 1000"
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...