[32041] in North American Network Operators' Group


Re: DoS attacks, NSPs unresponsiveness

daemon@ATHENA.MIT.EDU (John Fraizer)
Fri Nov 3 23:56:49 2000

Date: Fri, 3 Nov 2000 23:54:30 -0500 (EST)
From: John Fraizer <nanog@EnterZone.Net>
To: Joe Shaw <jshaw@insync.net>
Cc: nanog@merit.edu
In-Reply-To: <Pine.GSO.4.21.0011031109110.21141-100000@vellocet.insync.net>
Message-ID: <Pine.LNX.4.21.0011032346410.10538-100000@Overkill.EnterZone.Net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu


On Fri, 3 Nov 2000, Joe Shaw wrote:

> 
> > If they're filtering on the /19 or /20 boundary on legacy space, they're
> > VERY misconfigured and breaking a whole bunch of connectivity.
> 
> I thought filtering at /19-/20 space was still considered best common
> practice by some of the older Tier 1's who were interested in keeping the
> routing tables small.  Maybe with less legacy equipment deployed this
> isn't an issue anymore.
> 

I don't think it's a matter of legacy equipment and many networks do
filter on the /19-/20 boundary for address space that is assigned as
shorter than /21.  I don't know of anyone who is _purposely_ filtering out
legacy /24's though.  By legacy /24's, I am referring to address space
that was allocated by the RIR as /24's.  The chances of those /24's being
aggregated into /20 or shorter prefixes are pretty slim.


> Wouldn't it be better, at least from an engineering standpoint, to still
> announce their routes with AS padding to increase the AS-path so in the
> event their other connection(s) goes down they still have some type of
> inbound connectivity?  It seems like your example would work in a best
> case scenario, but customer X would drop off of the planet in the event of
> a partial outage without some manual reconfiguration.  I did something
> similar to what you are suggesting, but we still announced the routes,
> with padding, so that in the event of a failure the network could still
> function.  The link did fail eventually (would you believe me if I
> mentioned there was a backhoe and a contractor involved?), and while the
> network was certainly slower than normal, it continued to function
> adequately so that there was no perceivable outage seen by our customers.

I agree that it would be better.  I know of several instances where people
are doing it as I described though, for whatever reasons.

---
John Fraizer
EnterZone, Inc



