Options

JNCIP- EBGP Regex-C1 and C2

IOS2JUNOSIOS2JUNOS Member Posts: 56 ■■□□□□□□□□
in Juniper
what do expressions .*65010 and .*65020 do? would ^65010$ and ^65020$ not work?

and to filter default routes
instead of

route-filter 0.0.0.0/0 through 0.0.0.0/32 reject

route-filter 0.0.0.0/0 reject wouldn't work?
· Share on FacebookShare on Twitter

Comments

  • Options
    hoogen82hoogen82 Member Posts: 272
    .*65010 means you could ideally have 100 200 65010... but should have originated from 65010

    ^65010$ means only routes from 65010 and shouldn't have traversed any other AS.

    There is a huge difference 0/0 through 0/32.. 0/0 means rejecting just about everything..Check the JNCIA page 162(196) in the pdf... They kind of explain it with examples...
    IS-IS Sleeps.
    BGP peers are quiet.
    Something must be wrong.
    · Share on FacebookShare on Twitter
  • Options
    IOS2JUNOSIOS2JUNOS Member Posts: 56 ■■□□□□□□□□
    hoogen82 wrote: »
    .*65010 means you could ideally have 100 200 65010... but should have originated from 65010

    ^65010$ means only routes from 65010 and shouldn't have traversed any other AS.

    There is a huge difference 0/0 through 0/32.. 0/0 means rejecting just about everything..Check the JNCIA page 162(196) in the pdf... They kind of explain it with examples...

    got it thanks..i was thinking if the import policy is applied to this customer peer then their routes would be coming from their AS only
    · Share on FacebookShare on Twitter
  • Options
    AldurAldur Member Posts: 1,460
    IOS2JUNOS wrote: »
    route-filter 0.0.0.0/0 reject wouldn't work?

    keep in mind that you have to include a qualifier there too. For example if you said 0/0 orlonger then you'd block every single route, or if you said 0/0 exact then you'd only block 0/0 and 0/1, 0/2, etc could get through.

    So 0/0 through 0/32 will block any 0.0.0.0 route no matter the prefix so that would be the best route to go.
    "Bribe is such an ugly word. I prefer extortion. The X makes it sound cool."

    -Bender
    · Share on FacebookShare on Twitter
  • Options
    IOS2JUNOSIOS2JUNOS Member Posts: 56 ■■□□□□□□□□
    Aldur wrote: »
    keep in mind that you have to include a qualifier there too. For example if you said 0/0 orlonger then you'd block every single route, or if you said 0/0 exact then you'd only block 0/0 and 0/1, 0/2, etc could get through.

    So 0/0 through 0/32 will block any 0.0.0.0 route no matter the prefix so that would be the best route to go.

    Thanks for explanation....i was under the impression that default route is only 0/0..
    · Share on FacebookShare on Twitter
  • Options
    dwater2010dwater2010 Member Posts: 33 ■■□□□□□□□□
    _100$ will do the same thing as .*100 or not?
    · Share on FacebookShare on Twitter
  • Options
    high1432007high1432007 Member Posts: 37 ■■□□□□□□□□
    Aldur wrote: »
    So 0/0 through 0/32 will block any 0.0.0.0 route no matter the prefix so that would be the best route to go.


    Aldur, Can I understand in this way. rather than no matter ther prefix should it be mask?

    which means will block prefix 0.0.0.0/0 or 0.0.0.0/24 or 0.0.0.0/32,

    am I right?
    · Share on FacebookShare on Twitter
  • Options
    high1432007high1432007 Member Posts: 37 ■■□□□□□□□□
    Aldur, can help?
    · Share on FacebookShare on Twitter
  • Options
    AldurAldur Member Posts: 1,460
    high1432007 wrote: »
    Aldur, Can I understand in this way. rather than no matter ther prefix should it be mask?

    which means will block prefix 0.0.0.0/0 or 0.0.0.0/24 or 0.0.0.0/32,

    am I right?

    Oops, looks like I missed your question a few days ago.

    Yup, I believe that your understanding is correct. The three prefixes that you listed will be blocked by the route filter 0/0 through 0/32.
    "Bribe is such an ugly word. I prefer extortion. The X makes it sound cool."

    -Bender
    · Share on FacebookShare on Twitter
Sign In or Register to comment.