[61278] in North American Network Operators' Group
Re: Lazy Engineers and Viable Excuses
daemon@ATHENA.MIT.EDU (Stephen J. Wilcox)
Wed Aug 27 14:18:03 2003
Date: Wed, 27 Aug 2003 19:16:50 +0100 (BST)
From: "Stephen J. Wilcox" <steve@telecomplete.co.uk>
To: John Payne <john@sackheads.org>
Cc: Leo Bicknell <bicknell@ufp.org>, NANOG <nanog@merit.edu>
In-Reply-To: <2147483647.1061990651@[192.168.1.101]>
Errors-To: owner-nanog-outgoing@merit.edu
> --On Wednesday, August 27, 2003 9:36 AM -0400 Leo Bicknell
> <bicknell@ufp.org> wrote:
>
> > In a message written on Wed, Aug 27, 2003 at 12:15:18AM -0400, John Payne
> > wrote:
> >> If this is true, then why do the european NAP mailing lists (which push
> >> IRR filtering) have an almost constant stream of "oops, our customer
> >> announced everything to us and we leaked it".
> >
> > Because European naps have more smaller and clueless players. I
> > know more than a few people (because they ask for peering) who have
> > an IRR entry that is 1 prefix for the "ISP", and 1 prefix for their
> > only BGP customer. It should be of no surprise they get that
> > customer configured wrong. It should also be of no surprise that
> > most of the real ISP's would never consider peering with those types
> > of networks.
>
> CAIS (or whatever they're called today - BtNAccess/PCCW) is a small and
> clueless player? Then why is 6461 peering with 3491?
>
>
> (yeah, that was a customer route leak in July. I tend to just delete such
> emails, but I'd be surprised if there weren't more in August from ISPs that
> don't fit into "small and clueless")
there have been leaks by some large networks "tier1" if you like
you dont know what caused the route leaks tho..
eg modifying cisco route-maps and filters by deleting and re-adding opens a
small window of opportunity in which a lot of announcements get through, if your
CLI pauses during this window or something causes you to be disconnected its
instant route leak
i quote the above as i know of more than one occasion where this has occured to
bad consequences
you can think of others eg the filter building script has a bug in it etc etc
better to try and fail than to not try at all imho
> Not everyone filters their customers, and saying that everyone that counts
> does doesn't make it so.
>
> >6461 filters all customers by prefix list. Note too, filtering
> >customers does not eliminate route leaks, it just removes the most
> >obvious and often cause.
>
> Really? So how was I able to advertise a new netblock to one of your
> customers just now and see 6461 <their AS> <my AS> on
> route-views.oregon-ix.net within 2 minutes and without telling a soul what
good question, however as an ex-customer I know MFN do filter.. perhaps you're
announcing that many that your being filtered on as-path of prefix count? try
announcing something naughty and see if it goes thro eg rfc1918 or the block
with windowsupdate on .. that should increase your traffic volume ;p
Steve
