[prev in list] [next in list] [prev in thread] [next in thread]
List: juniper-nsp
Subject: Re: [j-nsp] Dynamic generation of interface IPs of OSPF
From: Thedin Guruge <thedin () gmail ! com>
Date: 2011-01-28 18:21:59
Message-ID: AANLkTim8hrmZiKYxsJQz8Vk83_-QB6Kd6PEJK1ghBF1c () mail ! gmail ! com
[Download RAW message or body]
yeah or even assign the protocol active interfaces to an interface group
which then can be associated with a firewall filter applied to the loopback
interface.
On Sat, Jan 29, 2011 at 6:49 AM, Jensen Tyler <JTyler@fiberutilities.com>wrote:
> You could filter by configured interface and IP Space you own( or use in
> your core). Not what you are looking for but easy to do.
>
> -----Original Message-----
> From: juniper-nsp-bounces@puck.nether.net [mailto:
> juniper-nsp-bounces@puck.nether.net] On Behalf Of David Ball
> Sent: Friday, January 28, 2011 11:37 AM
> To: Juniper-Nsp
> Subject: [j-nsp] Dynamic generation of interface IPs of OSPF neighbo(u)rs ?
>
> Brain stuck in Friday mode. I've created a prefix-list using apply-path
> which looks at 'protocols bgp group <*> neighbor <*>' to get a list of my
> BGP neighbour IPs. Works fine. Now I'm trying to think of a way to do the
> same with OSPF neighbor IPs (and perhaps even LDP, RSVP, etc). Not quite
> as
> easy since they're not all listed together in 1 spot anywhere, so I'm
> trying
> to figure out how or if it's possible to dynamically generate such a list.
> What I'm trying to create is a firewall filter for lo0 which only allows
> appropriate traffic to the RE, such that if one of our operators adds a new
> OSPF interface, they won't have to remember to update the firewall filter.
> As stated above, the stanza to allow BGP was easy, but I can't think of a
> way for the other protocols. Trying to avoid manually maintaining a
> prefix-list which contains all of said IPs. Is commit scripts my only path
> to glory ?
>
> David
> _______________________________________________
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic