BGP reading is always good!

“Sometimes I find the information on the Internet that is so far from the facts that it might actually hurt someone. For example, the configuration in this post supposedly prevents you from becoming a transit AS (which is a really bad idea if you’re a multi-homed end-user). Actually, it achieves the goal as it drops all incoming routes due to a malformed AS-path access-list that denies everything 🙂 … but then, why do you need BGP in the first place?

Fortunately, someone provided correct configuration in the comments to the post, just made in unnecessarily complex with the introduction of a route-map.

It really pays off to study all the available BGP filtering mechanisms: AS-path access-list can be applied to updates directly with the neighbor filter-list command. The minimum configuration that guarantees you won’t become a transit AS is thus as follows:”

Full article here


