[121680] in North American Network Operators' Group
Re: Best Practices - BGP community to signal transit announces.
daemon@ATHENA.MIT.EDU (Andy Davidson)
Sun Jan 24 17:05:25 2010
Date: Sun, 24 Jan 2010 22:04:55 +0000
From: Andy Davidson <andy@nosignal.org>
To: nanog@nanog.org
In-Reply-To: <4B5B371B.3000301@freebsdbrasil.com.br>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 23/01/2010 17:51, Patrick Tracanelli wrote:
> I am acting as transit for a number of ASNs, and my upstream peers do
> filter my announces (as they should as I understand).
Absolutely.
> Is there any best practices or RFC which shall suggest how this
> community should be set up? Say, while I do standardize this community
> to be MY-ASN:1 or MY-ASN:65501, is there a difference? Which community
> numbers should be used for this purpose, if there are any best practice
> for this?
This is a really bad idea, if you tag your customers' prefixes with a
'do transit' community, then the customer leaks, you will tag the extra
prefixes, and leak via your transit too.
You must filter your customers based on the data that they put into an
agreed RPSL database, and then your transit provider should filter you
on the same basis.
Some people shuffle static prefix lists to negotiate their prefix
filters. Life is too short for this though. Let computers and
databases do the work for you.
Andy Davidson // www.netsumo.com
