[148813] in North American Network Operators' Group
Re: Populating BGP from Connected or IGP routes
daemon@ATHENA.MIT.EDU (Jonathan Lassoff)
Mon Jan 23 16:04:46 2012
In-Reply-To: <DC85D08B84BB854086E9524DAB67D18712EA7845@Teriwood.miller.local>
Date: Mon, 23 Jan 2012 13:04:20 -0800
From: Jonathan Lassoff <jof@thejof.com>
To: "Eric C. Miller" <eric@ericheather.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Mon, Jan 23, 2012 at 12:46 PM, Eric C. Miller <eric@ericheather.com> wro=
te:
> Hi all,
>
> I'm looking for a best practice sort of answer, plus maybe comments on wh=
y your network may or may not follow this.
>
> First, when running a small ISP with about the equivilent of a /18 or /19=
in different blocks, how should you decide what should be in the IGP and w=
hat should be in BGP? I assume that it's somewhere between all and none, an=
d one site that I found made some good sense saying something to the follow=
ing, "Use a link-state protocol to track interconnections and loopbacks onl=
y, and place all of the networks including customer networks into BGP."
>
> Secondly, when is it ok, or preferable to utilize "redistribute connected=
" for gathering networks for BGP over using a network statement? I know tha=
t this influences the origin code, but past that, why else? Would it ever b=
e permissible to redistribute from the IGP into BGP?
This is one of those questions where the answer will depend heavily on
who you ask. In my opinion, I would
- Keep externally-learned eBGP routes in one table. The "Internet" table.
- Keep internal links (loopbacks, single-homed (to me) customers,
networks containing next-hops outside your AS) in an IGP (like OSPF or
IS-IS). These routes should very rarely get exchanged outside the AS.
- Where possible, have multi-homed customers speak BGP to your AS and
just treat those routes as those you'll provide transit for
(re-announcing them to other external peers)
-- In cases where customers multi or single-home with their own
address space that they'd like you to address, put very specific
filters and tagging on the routes. This way, you can perform careful
filtering on allowing those routes to cross the boundary from IGP to
EGP (and onto your external peers).
Cheers,
jof
