North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: 69/8...this sucks -- Centralizing filtering..
From: "McBurnett, Jim" > > No seriously.. > What if that customer has a VPN design with a dial backup behind their firewall. > Using BGP to suck down a default route from the provider, > when that default route goes away, then the internal router initiates the dial > backup solution to the remote network. > They should not be sending out any BGP routes though.. > But.. See example above... > <snip other method> > Sure this is somewhat unusual, but I have seen it, and corrected it... > Oh, I agree that there are times when BGP is used in a single uplink scenario, but it is not common. However, someone pointed me to ip verify unicast source reachable-via any which seems to be available on some of the cisco Service provider releases. It's an interesting concept and I'm itching to play with it. If you aren't in my routing table, then why accept the IP address? -Jack