[169514] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Filter on IXP

daemon@ATHENA.MIT.EDU (=?ISO-8859-1?Q?J=E9r=F4me_Nicolle?)
Fri Feb 28 12:05:14 2014

Date: Fri, 28 Feb 2014 18:03:01 +0100
From: =?ISO-8859-1?Q?J=E9r=F4me_Nicolle?= <jerome@ceriz.fr>
To: Nick Hilliard <nick@foobar.org>, nanog@nanog.org
In-Reply-To: <5310BEEA.9070403@foobar.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Le 28/02/2014 17:52, Nick Hilliard a écrit :
> this will break horribly as soon as you have an IXP member which provides
> transit to other multihomed networks.

It could break if filters are based on announced prefixes. That's
preciselly why uRPF is often useless.

On the other hand, if a member provides transit, he will add its
customer prefixes to RaDB / RIPEdb with appropriate route objects and
the ACL will be updated accordingly. Shouldn't break there.

-- 
Jérôme Nicolle
+33 6 19 31 27 14


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[169514] in North American Network Operators' Group

Re: Filter on IXP

daemon@ATHENA.MIT.EDU (=?ISO-8859-1?Q?J=E9r=F4me_Nicolle?)Fri Feb 28 12:05:14 2014

daemon@ATHENA.MIT.EDU (=?ISO-8859-1?Q?J=E9r=F4me_Nicolle?)
Fri Feb 28 12:05:14 2014