Community discussions

MikroTik App
  4. RouterOS
  5. Forwarding Protocols

V7 Route Filter Deny-ALL

Post Reply
 
User avatar
j2sw
Member Candidate
Member Candidate
Topic Author
Posts: 131
Joined: Mon Sep 04, 2006 5:42 am
Location: Indiana
Contact:
Contact j2sw

V7 Route Filter Deny-ALL

Fri Dec 29, 2023 5:19 am

I am trying to figure out the proper syntax to deny all prefixes to and from a BGP peer. As best practice, we turn up BGP with peers and do a DENY-ALL filter where we don't accept anything from them nor send them anything. This way we can monitor the session or announce routes during a maintenance window. I am having an issue in V7 getting this to work right.

Does anyone have the proper syntax and where I apply it?

I have tried
add chain=AS-IN disabled=no rule="if (dst in 0.0.0.0/0) {reject}"
Top
 
User avatar
loloski
Member
Member
Posts: 354
Joined: Mon Mar 15, 2021 9:10 pm

Re: V7 Route Filter Deny-ALL

Fri Dec 29, 2023 9:26 am

In v7 it was rejected / deny by default
Top
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 12030
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:
Contact rextended

Re: V7 Route Filter Deny-ALL

Fri Dec 29, 2023 10:12 am

In v7 it was rejected / deny by default
only when at least one filter rule (fake or not) exist, else all is allowed
Top
Post Reply

Who is online

Users browsing this forum: No registered users and 6 guests
  4. RouterOS
  5. Forwarding Protocols