A newly created or existing BGP instance, group, or EBGP neighbor in a classic interface (the classic CLI and SNMP) maintains backwards compatibility with the insecure default to advertise and receive all routes. It is not compliant with RFC 8212. The secure default behavior must be enabled using the ebgp-default-reject-policy command in these cases.
A newly created BGP instance, group, or EBGP neighbor in a model-driven interface (the MD-CLI, NETCONF, or gRPC) applies the secure default behavior to reject all routes. It is compliant with RFC 8212. The secure behavior can be disabled using the ebgp-default-reject-policy command. However, Nokia recommends configuring import and export policies that express the intended routing instead of using the insecure default behavior. Defining an empty policy does not match any routes, an accept must match the route through an action accept or default-action accept statement.
The default behavior is inherited from the BGP instance to the group to an EBGP neighbor.
The import and export policies that are applied can be displayed using info detail or the show router bgp neighbor commands.
Table: Default EBGP route propagation behavior shows the default EBGP route propagation behavior according to how the neighbor was configured.
| Management-interface configuration-mode | Classic | Mixed | Model-driven | |
|---|---|---|---|---|
| BGP instance, group, or EBGP neighbor | Configured in a classic interface | Configured in a classic interface | Configured in a model-driven interface | Configured in a model-driven interface |
Configured before Release 19.5.R1 |
Default accept |
Default accept |
Default accept |
Default accept |
Configured in Release 19.5.R1 or higher |
Default accept |
Default accept |
Default reject1 |
Default reject1 |
ISSU to Release 19.5.R1 or higher |
Default accept |
Default accept |
According to rows 1 and 21 |
According to rows 1 and 21 |
Reboot with Release 19.5.R1 or higher |
Default accept |
Default accept |
According to rows 1 and 21 |
Default reject1 |