Open
Description
openedon Sep 4, 2023
Follow-up of discussion in #99.
From @robertvolkmann
To prevent this, we should use something like:
address-family ipv4 unicast
redistribute connected route-map LOOPBACKS
redistribute connected route-map VLAN4000
neighbor FIREWALL allowas-in 2
neighbor FIREWALL route-map LOOPBACKS out
{{- range $k, $f := .Ports.Firewalls }}
neighbor {{ $f.Port }} route-map fw-{{ $k }}-in in
{{- end }}
exit-address-family
!
...
route-map LOOPBACKS permit 10
match interface Loopback0
!
ip prefix-list VLAN4000 seq 10 permit <local PXE Vlan CIDR>
route-map VLAN4000 permit 10
match ip address prefix-list VLAN4000
!
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Metadata
Assignees
Labels
No labels