[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

100.100.0.0/24

Subject: 100.100.0.0/24
From: randy at psg.com (Randy Bush)
Date: Sat, 06 Oct 2012 16:34:19 -0700
In-reply-to: <[email protected]>
References: <[email protected]> <m2a9w16rzb.wl%[email protected]> <[email protected]> <CAL9jLabjOkxTmmtThgJKL=SNjYk=JNOzn7StomDsFGhvMsaOFQ@mail.gmail.com> <[email protected]> <CAOvEG7Pt_t30X07zT_sdWx2x0Duz8LkweGtcC_1Z2NpCKjyqcg@mail.gmail.com> <[email protected]> <m2k3v32nko.wl%[email protected]> <[email protected]>

>>>> http://www.team-cymru.org/Services/Bogons/bgp.html
>>> Please tell me how I can configure my router to use that feed to
>>> automatically reject any bogon advertisements I receive from other BGP
>>> neigbhors.
>> 
>> you actually have to look at that web page
> 
> If you're seeing the same page, the configs and explanations there show
> how to drop packets destined to bogons, not routes.
> 
> (I also want to know the answer to that question)

then read the frelling page!!!

http://www.team-cymru.org/Services/Bogons/bgp-examples.html#cisco-full-v4trans

router bgp <your asn>
 ! Session 1
 neighbor A.B.C.D remote-as 65332
 neighbor A.B.C.D description <your description>
 neighbor A.B.C.D ebgp-multihop 255
 neighbor A.B.C.D password <your password>
 ! Session 2
 neighbor E.F.G.H remote-as 65332
 neighbor E.F.G.H description <your description>
 neighbor E.F.G.H ebgp-multihop 255
 neighbor E.F.G.H password <your password>
!
 address-family ipv4
  ! Session 1
  neighbor A.B.C.D activate
  neighbor A.B.C.D soft-reconfiguration inbound
  neighbor A.B.C.D prefix-list cymru-out-v4 out
  neighbor A.B.C.D route-map CYMRUBOGONS-V4 in
  ! Session 2
  neighbor E.F.G.H activate
  neighbor E.F.G.H soft-reconfiguration inbound
  neighbor E.F.G.H prefix-list cymru-out-v4 out
  neighbor E.F.G.H route-map CYMRUBOGONS-V4 in
!
 address-family ipv6
  ! Session 1
  neighbor A.B.C.D activate
  neighbor A.B.C.D soft-reconfiguration inbound
  neighbor A.B.C.D prefix-list cymru-out-v6 out
  neighbor A.B.C.D route-map CYMRUBOGONS-V6 in
  ! Session 2
  neighbor E.F.G.H activate
  neighbor E.F.G.H soft-reconfiguration inbound
  neighbor E.F.G.H prefix-list cymru-out-v6 out
  neighbor E.F.G.H route-map CYMRUBOGONS-V6 in
!
! Depending on IOS version, you may need to configure your router
! for new-style community syntax.
ip bgp-community new-format
!
ip community-list 100 permit 65332:888
!
ip route 192.0.2.1 255.255.255.255 Null0
!
ip prefix-list cymru-out-v4 seq 5 deny 0.0.0.0/0 le 32
!
ipv6 route 2001:DB8:0:DEAD:BEEF::1/128 Null0
!
ipv6 prefix-list cymru-out-v6 seq 5 deny ::/0 le 128
!
route-map CYMRUBOGONS-V6 permit 10
description IPv6 Filter bogons learned from cymru.com bogon route-servers
match community 100
set ipv6 next-hop 2001:DB8:0:DEAD:BEEF::1
!
route-map CYMRUBOGONS-V4 permit 10
description IPv4 Filter bogons learned from cymru.com bogon route-servers
match community 100
set ip next-hop 192.0.2.1

Follow-Ups:
- 100.100.0.0/24
  - From: nick at foobar.org (Nick Hilliard)

References:
- 100.100.0.0/24
  - From: joelja at bogus.com (joel jaeggli)
- 100.100.0.0/24
  - From: randy at psg.com (Randy Bush)
- 100.100.0.0/24
  - From: joelja at bogus.com (joel jaeggli)
- 100.100.0.0/24
  - From: morrowc.lists at gmail.com (Christopher Morrow)
- 100.100.0.0/24
  - From: jared at puck.nether.net (Jared Mauch)
- 100.100.0.0/24
  - From: uwcableguy at gmail.com (Ben Bartsch)
- 100.100.0.0/24
  - From: rbf+nanog at panix.com (Brett Frankenberger)
- 100.100.0.0/24
  - From: randy at psg.com (Randy Bush)
- 100.100.0.0/24
  - From: vasil at ludost.net (Vasil Kolev)

Prev by Date: 100.100.0.0/24
Next by Date: names are not numbers, was IPv4 address length technical design
Previous by thread: 100.100.0.0/24
Next by thread: 100.100.0.0/24
Index(es):
- Date
- Thread