Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
doc:filters [2012/08/28 12:26] – Benjamin Collet | doc:filters [2016/04/17 07:50] – [BGP Filter] Benjamin Collet | ||
---|---|---|---|
Line 5: | Line 5: | ||
* It is also recommended that you don't advertise IPv4 prefixes longer than 28 bits and IPv6 prefixes longer than 60 bits. Of course there are exceptions: | * It is also recommended that you don't advertise IPv4 prefixes longer than 28 bits and IPv6 prefixes longer than 60 bits. Of course there are exceptions: | ||
* Non-RFC1918 addresses reachable via GLaNET. | * Non-RFC1918 addresses reachable via GLaNET. | ||
- | * GLaNET services addresses (/32s from 192.168.248.0/ | + | * GLaNET services addresses (/32s from 192.168.248.0/ |
===== Example prefix lists ===== | ===== Example prefix lists ===== | ||
Line 55: | Line 55: | ||
</ | </ | ||
+ | === Juniper === | ||
+ | < | ||
+ | policy-options { | ||
+ | prefix-list bogons { | ||
+ | /* Non-GLaNET RFC1918 prefix */ | ||
+ | 10.0.0.0/8; | ||
+ | /* Shared address space */ | ||
+ | 100.64.0.0/ | ||
+ | /* Link local */ | ||
+ | 169.254.0.0/ | ||
+ | /* Non-GLaNET RFC1918 prefix */ | ||
+ | 172.16.0.0/ | ||
+ | /* High risk of collision within GLaNET */ | ||
+ | 192.168.0.0/ | ||
+ | /* High risk of collision within GLaNET */ | ||
+ | 192.168.8.0/ | ||
+ | /* High risk of collision within GLaNET */ | ||
+ | 192.168.100.0/ | ||
+ | /* High risk of collision within GLaNET */ | ||
+ | 192.168.200.0/ | ||
+ | /* High risk of collision within GLaNET */ | ||
+ | 192.168.252.0/ | ||
+ | /* Multicast */ | ||
+ | 224.0.0.0/ | ||
+ | /* Former class E */ | ||
+ | 240.0.0.0/ | ||
+ | } | ||
+ | policy-statement bgp-import-generic { | ||
+ | term set-default { | ||
+ | then default-action accept; | ||
+ | } | ||
+ | term default-route { | ||
+ | from { | ||
+ | route-filter 0.0.0.0/0 upto /7 reject; | ||
+ | } | ||
+ | } | ||
+ | term bogons { | ||
+ | from { | ||
+ | prefix-list-filter bogons orlonger; | ||
+ | } | ||
+ | then reject; | ||
+ | } | ||
+ | } | ||
+ | } | ||
+ | </ | ||
==== IPv6 ==== | ==== IPv6 ==== | ||
Line 84: | Line 129: | ||
< | < | ||
function net_martian() | function net_martian() | ||
- | { | + | { |
- | return net ~ [ 3ffe::/16+, 2001: | + | return net ~ [ 3ffe::/16+, 2001: |
| | ||
} | } |