[50944] in North American Network Operators' Group
Re: Max Prefixes Configured on Customer BGP (WAS Re: ALGX problems?)
daemon@ATHENA.MIT.EDU (Richard A Steenbergen)
Thu Aug 15 21:01:38 2002
Date: Thu, 15 Aug 2002 21:00:42 -0400
From: Richard A Steenbergen <ras@e-gerbil.net>
To: Joe Wood <joew@accretive-networks.net>
Cc: nanog@merit.edu
In-Reply-To: <20020815171411.H73557-100000@localhost>
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, Aug 15, 2002 at 05:15:04PM -0700, Joe Wood wrote:
>
> However, I don't really see a reason why ISPs shouldn't implement
> max-prefixes on their customer sessions; this would not prevent against
> very small prefix leaks, but would prevent partial and whole routing table
> leaks that impact many networks.

If you're using a Cisco, and they leak, their session stays down until a
human clears it. It also does very little to prevent leaking of a single
route (like one of Phil Rosenthal's /24s), impacting someone else. As a
customer, I would always insist on being prefix-listed and not
prefix-limited.

I far prefer a prefix list automatically built from IRR entries, with a
NOC and even a website capable of triggering a manual update if you need
to get routes out now. It's all a bit of a hack, but it's workable. IMHO AS
Path filters are useless and redundant if you have proper prefix-lists.

--
Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
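
The contrast drawn in the message above, between a count-only max-prefix limit and a prefix list built from IRR route objects, as an added example that is not part of the original post. The RPSL text, AS numbers, announcements and function names are all constructed for illustration, and the filter uses exact-match prefixes as a simplifying assumption.

```python
import ipaddress

# Constructed RPSL route objects, as an IRR query for one customer might return.
IRR_TEXT = """\
route:   192.0.2.0/24
origin:  AS64500

route:   198.51.100.0/24
origin:  AS64500

route:   203.0.113.0/24
origin:  AS64511
"""

def prefixes_from_irr(rpsl, origin_as):
    """Collect the prefixes of route objects whose origin is origin_as."""
    allowed = set()
    for obj in rpsl.strip().split("\n\n"):
        attrs = {}
        for line in obj.splitlines():
            key, _, value = line.partition(":")
            attrs[key.strip().lower()] = value.strip()
        if attrs.get("origin", "").upper() == origin_as.upper() and "route" in attrs:
            allowed.add(ipaddress.ip_network(attrs["route"]))
    return allowed

def apply_prefix_list(announced, allowed):
    """Per-route filtering: registered prefixes pass, the rest are dropped."""
    accepted, rejected = [], []
    for p in map(ipaddress.ip_network, announced):
        (accepted if p in allowed else rejected).append(str(p))
    return accepted, rejected

def apply_max_prefix(announced, limit):
    """Count-only limit: everything is accepted until the count exceeds the
    limit, then the whole session drops (per the message, until a human clears it)."""
    if len(announced) > limit:
        return [], "session down"
    return list(announced), "session up"

# Constructed announcements: two registered routes plus one leaked /24
# registered to a different origin AS.
LEAK_ONE = ["192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24"]

if __name__ == "__main__":
    allowed = prefixes_from_irr(IRR_TEXT, "AS64500")
    print("max-prefix :", apply_max_prefix(LEAK_ONE, limit=10))
    print("prefix-list:", apply_prefix_list(LEAK_ONE, allowed))
```
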