[182474] in North American Network Operators' Group
Re: Prefix-Hijack by AS7514
daemon@ATHENA.MIT.EDU (Jared Mauch)
Fri Jul 17 13:17:57 2015
X-Original-To: nanog@nanog.org
Date: Fri, 17 Jul 2015 13:17:50 -0400
From: Jared Mauch <jared@puck.Nether.net>
To: "nanog@nanog.org" <nanog@nanog.org>
In-Reply-To: <27DF913E-B956-444D-9E32-6D9367466DC7@de-cix.net>
Errors-To: nanog-bounces@nanog.org
On Fri, Jul 17, 2015 at 10:47:38AM +0000, Wolfgang Tremmel wrote:
>
> > On 17.07.2015, at 12:03, Mark Tinka <mark.tinka@seacom.mu> wrote:
> >
> > Some countries I know do this for their exchange points. But
> > by-and-large, it is not scalable. Same goes for AS_PATH lists for peering.
>
> it does scale.
> We do this for all our routeservers at all exchange points we operate.
> In Frankfurt we have 745 peers on our routeservers.
Scale has become my favorite term from vendors that sets off
alarm bells.
The problem is usually limited by someones imagination like
"why would you have more than 1 comment/remark", or "what do you mean
a customer has 200k prefixes registered".
it all depends on who/where and what role you play.
We have tried prefix filtering peers before. It's an
excercise in frustration when it comes to vendors ability to
ingest the large sets and/or changes. I talked about this
privately and at things like IEPG.
http://iepg.org/2014-03-02-ietf89/ietf89_iepg_jmauch.pdf
The situation and technology haven't substantively changed
in the interim.
- Jared
--
Jared Mauch | pgp key available via finger from jared@puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
