[104518] in North American Network Operators' Group
Re: [NANOG] peering between ASes
daemon@ATHENA.MIT.EDU (Nathan Ward)
Sat May 17 01:36:26 2008
From: Nathan Ward <nanog@daork.net>
To: nanog <nanog@merit.edu>
In-Reply-To: <482E6D68.9040204@internode.com.au>
Date: Sat, 17 May 2008 17:36:20 +1200
Errors-To: nanog-bounces@nanog.org
On 17/05/2008, at 5:30 PM, Matthew Moyle-Croft wrote:
>> If you really need to, you can get a similar effect by using
>> ASPATH poisoning; just prepend your AS paths with the ASes you
>> don't want those prefixes hitting.
>>
>> ..
>> Nothing really about how it works in a MLPA IXP though.
>>
> It'd work, but it's a pretty evil thing to do and it's a fairly easy
> to get around surely (neighbor 1.1.1.1 allowas-in on IOS).
"If you really need to". Geoff's thing also says "controversial".
If the foreign AS really wants to send you routes that way, they can
do it regardless of how you stop your advertisements being accepted by/
reaching them. We're hardly talking high security here.
ip route <prefix> <netmask> 1.1.1.1 works a treat.
--
Nathan Ward
_______________________________________________
NANOG mailing list
NANOG@nanog.org
http://mailman.nanog.org/mailman/listinfo/nanog
