Absolutely, iACLs can also prevent access to NXAPI and SNMP but those aren't the most central place to put rules like that.
If iACLs are the only way to prevent access to BGP fine, but what would be the technical explanation for that? Does BGP run a separate instance on each L3 interface or is there a central process (somewhere)? Thanks, -Drew -----Original Message----- From: Dobbins, Roland <roland.dobb...@netscout.com> Sent: Wednesday, June 2, 2021 2:30 PM To: Drew Weaver <drew.wea...@thenap.com> Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] Nexus Architecture question > On Jun 2, 2021, at 20:46, Drew Weaver <drew.wea...@thenap.com> wrote: > > The reason I am asking is because I've noticed that no matter what I do I > cannot seem to "close" the BGP port by using CoPP. iACLs can accomplish the goal, yes? --------------------------- roland.dobb...@netscout.com _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
