[58526] in North American Network Operators' Group
Re: BGP Path Filtering
daemon@ATHENA.MIT.EDU (Joe Abley)
Fri May 16 20:22:09 2003
Date: Fri, 16 May 2003 20:20:39 -0400
Cc: nanog@merit.edu
To: Sean Donelan <sean@donelan.com>
From: Joe Abley <jabley@isc.org>
In-Reply-To: <Pine.GSO.4.44.0305161925150.16580-100000@clifden.donelan.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Friday, May 16, 2003, at 20:00 Canada/Eastern, Sean Donelan wrote:
> Small ISPs with only a few eBGP neighbors (i.e. less than a dozen) and
> a few network prefixes (i.e. less than a 100) probablly should stick
> with
> hardcoded, explicit prefix and as-path filters. Coordinate the
> occasional
> updates to the filters with your upstreams (since they should be
> filtering your announcements on ingress anyway). You are less likely
> to
> mess things up, and its simplier to understand if another network
> engineer needs to debug things later.
Having being involved in cleaning up the networks of many small ISPs
(by your definition of small) after they have been deployed by people
long since departed, I completely disagree with your last sentence.
Maybe complexity is in the eye of the beholder, but ISPs which classify
the routes they carry according to origin using community string
attributes are much easier to debug and understand than those who
specify their exit policy using hard-coded prefix and as-path filters
all over the place.
I don't think "start messy and clean up later" is good advice. Do it
right the first time, and grow smoothly without difficult migrations.
Joe
