Brocade BigIron RX Series Configuration Guide User Manual
Page 927
BigIron RX Series Configuration Guide
849
53-1002484-04
Configuring BGP4 neighbors
27
Alternatively, you can specify filter-list <acl-num> in | out | weight to use an AS-path ACL instead of
an AS-path filter list. In this case, <acl-num> is an AS-path ACL.
NOTE
By default, if an AS-path does not match any of the filters or ACLs, the device denies the route. To
change the default behavior, configure the last filter or ACL as “permit any any”.
NOTE
The AS-path filter or ACL must already be configured. Refer to
maximum-prefix <num> specifies the maximum number of IP network prefixes (routes) that can be
learned from the specified neighbor or peer group. You can specify a value from 0 – 4294967295.
The default is 0 (unlimited).
•
The <num> parameter specifies the maximum number. You can specify a value from 0 –
4294967295. The default is 0 (unlimited).
•
The <threshold> parameter specifies the percentage of the value you specified for the
maximum-prefix <num>, at which you want the software to generate a Syslog message. You
can specify a value from 1 (one percent) to 100 (100 percent). The default is 100.
•
The teardown parameter tears down the neighbor session if the maximum-prefix limit is
exceeded. The session remains shutdown until you clear the prefixes using the clear ip bgp
neighbor all or clear ip bgp neighbor <ip-addr> command, or change the neighbor’s
maximum-prefix configuration. The software also generates a Syslog message.
next-hop-self specifies that the router should list itself as the next hop in updates sent to the
specified neighbor. This option is disabled by default.
password [0 | 1] <string> specifies an MD5 password for securing sessions between the device
and the neighbor. You can enter a string up to 80 characters long. The string can contain any
alphanumeric characters, but the first character cannot be a number. If the password contains a
number, do not enter a space following the number.
The 0 | 1 parameter is the encryption option, which you can omit (the default) or which can be one
of the following:
•
0 – Disables encryption for the authentication string you specify with the command. The
password or string is shown as clear text in the output of commands that display neighbor or
peer group configuration information.
•
1 – Assumes that the authentication string you enter is the encrypted form, and decrypts the
value before using it.
For more information, refer to
“Encryption of BGP4 MD5 authentication keys”
NOTE
If you want the software to assume that the value you enter is the clear-text form, and to encrypt
display of that form, do not enter 0 or 1. Instead, omit the encryption option and allow the software
to use the default behavior. If you specify encryption option 1, the software assumes that you are
entering the encrypted form of the password or authentication string. In this case, the software
decrypts the password or string you enter before using the value for authentication. If you
accidentally enter option 1 followed by the clear-text version of the password or string,
authentication will fail because the value used by the software will not match the value you intended
to use.