Second the suggestion
Jay Murphy IP Network Specialist NM Department of Health ITSD - IP Network Operations Santa Fe, New Mexico 87502 Bus. Ph.: 505.827.2851 "We move the information that moves your world." -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Pete Templin Sent: Tuesday, March 17, 2009 1:50 PM To: Jeff Cartier Cc: [email protected] Subject: Re: [c-nsp] BGP/ACL Question Jeff Cartier wrote: > I'm going to be configuring CoPP to match BGP traffic between > peers...and I am having a forgetful moment :-)...in order to match the > BGP peer, in my ACL, should I be matching based on the BGP local > router-ID or on the directly connected interface? Match based on whatever the update-source is for that neighbor. Default is closest physical interface at the time that the session is established, typical practice is to use a loopback interface for iBGP sessions. Router-ID won't appear in the IP headers of the packets. pt _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ______________________________________________________________________ This inbound email has been scanned by the MessageLabs Email Security System. ______________________________________________________________________ Confidentiality Notice: This e-mail, including all attachments is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited unless specifically provided under the New Mexico Inspection of Public Records Act. If you are not the intended recipient, please contact the sender and destroy all copies of this message. -- This email has been scanned by the Sybari - Antigen Email System. _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
