Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

BGP advertised networks

Posted on 2014-03-27
1
Medium Priority
?
326 Views
Last Modified: 2014-04-08
I have a private 10.10.0.0/16 subnet. That subnet is further extend to 25 /24 subnets within my internal network. My WAN is a MPLS network. My FW is doing BGP peering with the provider MPLS router.
Should I advertise a /16 or 25 /24 with the network statement.

Somebody told me, for security purposes, that I should advertise individual specific routes rather than a /16. I am not sure I agree with that. But I'd like to get your thought on this.

Thanks
0
Comment
Question by:leblanc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 17

Accepted Solution

by:
pergr earned 2000 total points
ID: 39960932
If all those networks are on the same site, and you use a single router, and no other site is using networks within 10.10/16 - then you can advertise the /16.

It has nothing to do with security.

Only reason to use /24 is if you want to load balance different /24 to different links.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question