Looking for an example of routing policy that will prevent someone from inadvertently configuring a static quad 0/0 route on a Juniper EX router running OSPF with a policy statement redistributing static routes into OSPF. Myself and my team have gotten bit by this a couple of times now, the effect is all traffic destined for the internet out of our core data center gets black holed to the site the someone adds or forgets to remove a 0.0.0.0/0 next-hop x.x.x.x route. Thinking we should have a policy to prevent this specific route from being redistributed into OSPF that can be added to a base config template as a preventative measure . Any help would be greatly appreciated!
No comments:
Post a Comment