bgp reject all
dwater2010
Member Posts: 33 ■■□□□□□□□□
in Juniper
Hi,
Is it necessary to have reject statement at the end of all ebgp/ibgp import export policy? For example I am rejecting all RFC1918 in term 1 then adding community in term 2 and dont have accept in term 2 and then I will leave the policy other thing i can have term2 with next policy in then action and have term 3 rejecting all. Both are doing the samething then which one should I use?
Is it necessary to have reject statement at the end of all ebgp/ibgp import export policy? For example I am rejecting all RFC1918 in term 1 then adding community in term 2 and dont have accept in term 2 and then I will leave the policy other thing i can have term2 with next policy in then action and have term 3 rejecting all. Both are doing the samething then which one should I use?
Comments
-
densma Member Posts: 40 ■■□□□□□□□□default bgp policy Accept all routes learned from BGP neighbors
your term term 3 is not necessary but if there's no match in term 2 then will fall into your term 3. All depends on your goal/requirement. -
darry9502 Member Posts: 12 ■□□□□□□□□□For IBGP, it is better NOT to have the explicit reject term, unless you want to specfic all the routes for the accept term. IBGP is more for advertise/export aggregate route and also to set the next-hop self.
For EBGP, as per densma's comment, it depends on the requirements. See chapter 6 case studies in which the C1/C2 peering had a "kill-rest" reject all term, which means NOT to accept any routes that does not originated from the customers as-path.
So in the transit network, if you do this, then you are going to deny transit traffic that does not originated from transit network from entering your AS.
Hope it is clear to you.