[81295] in North American Network Operators' Group
Re: URPF on small BGP-enabled customers?
daemon@ATHENA.MIT.EDU (Pete Templin)
Fri Jun 3 11:17:37 2005
Date: Fri, 03 Jun 2005 10:16:34 -0500
From: Pete Templin <petelists@templin.org>
To: Andre Oppermann <nanog-list@nrg4u.com>
Cc: will@loopfree.net, nanog@merit.edu
In-Reply-To: <42A06888.5040304@nrg4u.com>
Errors-To: owner-nanog@merit.edu
Andre Oppermann wrote:
> No, my proposal works as long as the customer advertizes their prefixes
> via BGP, not matter how long the path or what community attributes are
> set (for example NOEXPORT). No matter how they send it, as long as they
> send it, it works fine. Unlike uRPF which depends on exactly this path
> being the best path of all path available. All this trouble of routing
> decisions which affect uRPF is avoided. That is also why it feeds the
> received prefixes into an ACL which then is applied to the interface
> versus doing two FIB lookups (one on source IP and one on destination
> IP).
And my proposal works as long as the customer advertises their prefixes
via BGP, with the added caveat that ACLs don't have to be updated (i.e.
uRPF works and is used). I'd have to re-check my customer-side route
maps, but I think they'll open the uRPF for all possible permutations of
<community>.
pt
