[prev in list] [next in list] [prev in thread] [next in thread]
List: quagga-users
Subject: [quagga-users 13438] Re: iptables rule for quagga bgp
From: "Rolf_Hanßen" <quagga () rhanssen ! de>
Date: 2013-08-27 21:43:30
Message-ID: 9329d5e5c85391415fb753bc31de7734.squirrel () mail ! tawp ! de
[Download RAW message or body]
Hi,
I am not sure if I understand your question at all.
iptables has nothing to do with the process to accept routes or not in
quagga.
In the bgpd you need to use prefix-lists or route-maps to filter prefixes.
If you run/enable zebra those routes will also be installed into the
kernel routing table.
If you want to filter the packets to the quagga process itself you
basically use something like:
# BGP sessions
iptables -A INPUT -s <peer address> -p tcp --dport 179 -j ACCEPT
iptables -A INPUT -s <peer address> -p tcp --sport 179 -j ACCEPT
# Telnet session to zebra
iptables -A INPUT -s <management network> -p tcp --dport 2601 -j ACCEPT
# Telnet session to quagga/bgpd
iptables -A INPUT -s <management network> -p tcp --dport 2605 -j ACCEPT
kind regards
Rolf
> Hi list,
>
> i have a running quagga for bgp peering and it is working great.
> Can someone please help me add rules for iptables to allow quagga to
> accept
> routes.
>
> Thank you. Any help is appreciated.
> _______________________________________________
> Quagga-users mailing list
> Quagga-users@lists.quagga.net
> http://lists.quagga.net/mailman/listinfo/quagga-users
>
_______________________________________________
Quagga-users mailing list
Quagga-users@lists.quagga.net
http://lists.quagga.net/mailman/listinfo/quagga-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic