Categories
Welcome Center
Education & Development
Cyber Security
Virtualization
General
Certification Preparation
Project Management
Posts
Groups
Training Resources
Infosec
IT & Security Bootcamps
Practice Exams
Security Awareness Training
About Us
Home
Certification Preparation
Juniper
bgp reject all
dwater2010
Hi,
Is it necessary to have reject statement at the end of all ebgp/ibgp import export policy? For example I am rejecting all RFC1918 in term 1 then adding community in term 2 and dont have accept in term 2 and then I will leave the policy other thing i can have term2 with next policy in then action and have term 3 rejecting all. Both are doing the samething then which one should I use?
Find more posts tagged with
Comments
densma
default bgp policy Accept all routes learned from BGP neighbors
your term term 3 is not necessary but if there's no match in term 2 then will fall into your term 3. All depends on your goal/requirement.
darry9502
For IBGP, it is better NOT to have the explicit reject term, unless you want to specfic all the routes for the accept term. IBGP is more for advertise/export aggregate route and also to set the next-hop self.
For EBGP, as per densma's comment, it depends on the requirements. See chapter 6 case studies in which the C1/C2 peering had a "kill-rest" reject all term, which means NOT to accept any routes that does not originated from the customers as-path.
So in the transit network, if you do this, then you are going to deny transit traffic that does not originated from transit network from entering your AS.
Hope it is clear to you.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
