Hi there guys, I am hoping somebody can provide me with a little sanity check. Unfortunately we do not have a lab capable of BGP for me to test this with.
I need to ensure customer eBGP peers only send us the allowed standard communites we expect to see.
I have created the following extended community:
ip community-list 100 permit 65535:40119
ip community-list 100 permit 65535:51119
ip community-list 100 permit 65535:51129
ip community-list 100 deny .*
I want to accept the first three communities and drop the rest. Based on these communities we then apply traffic engineering further upstream. At present we do not apply any sanity check to the customer prefixes and have notices customers sending us other communites we dont want :-(
Can you tell me if this community-list will have the desired effect?