[137987] in North American Network Operators' Group
Re: 6453 routing leaks (January and Today)
daemon@ATHENA.MIT.EDU (Richard A Steenbergen)
Fri Feb 25 12:51:53 2011
Date: Fri, 25 Feb 2011 11:51:45 -0600
From: Richard A Steenbergen <ras@e-gerbil.net>
To: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <A2FF250A-FF2E-4EC4-BAB5-5A4021F7FC59@puck.nether.net>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Fri, Feb 25, 2011 at 07:22:36AM -0500, Jared Mauch wrote:
> Update:
>
> I have had a source ask me to post the following:
>
> -- snip --
> The problem with route leaking was caused by specific routing platform
> resulting in some peer routes not being properly tagged.
> We are deploying additional measures to prevent this from happening in
> the future
> -- snip --
Hopefully someone learned a lesson about BGP community design, and how
it should fail safe by NOT leaking if you accidentally fail to tag a
route. Always require a positive match on a route to advertise to peers,
not the absence of a negative match.
--
Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
