[99239] in North American Network Operators' Group
Re: Route table growth and hardware limits...talk to the filter
daemon@ATHENA.MIT.EDU (Jon Lewis)
Tue Sep 11 16:09:14 2007
Date: Tue, 11 Sep 2007 16:08:03 -0400 (EDT)
From: Jon Lewis <jlewis@lewis.org>
To: Stephen Sprunk <stephen@sprunk.org>
cc: Kevin Loch <kloch@kl.net>,
North American Noise and Off-topic Gripes <nanog@merit.edu>
In-Reply-To: <03cc01c7f3f9$3cf9ab30$5a3816ac@atlanta.polycom.com>
Errors-To: owner-nanog@merit.edu

On Mon, 10 Sep 2007, Stephen Sprunk wrote:
>>> Sucks to be them. If they do not have enough PA space to meet
>>> the RIR minima, the community has decided they're not "worthy"
>>> of a slot in the DFZ by denying them PI space.
>>
>> Not true, there is an ARIN policy that allows you to get a /24 from
>> one of your providers even if you only need 1 IP address:
>
> If the PA /24 is under 199/8 or 204-207/8, then the filters being discussed
> would allow their advertisement through, because ARIN's minimum allocation
> for those blocks is /24. In ARIN's 22 other /8s, the filters would not
> because the minimum is /20 (or /22, for 208/8).

As long as enough NSPs don't filter on RIR minimums, there's still a
pretty good chance that when a small PA multihomer's IP space provider's
connection is down, traffic routed towards that provider will get rerouted
to their other provider(s).

Breaking PA /24 multihoming would be unfortunate collateral damage.
Perhaps someone could use the data from the cidr-report and RIRs to create
a precision targeted prefix-list intended just to block unnecessary more
specifics rather than across the board on RIR minimums?

You could even do two different versions. A loose version that just
throws out covered subnets with same as-path and a BOFH version that
throws out all apparently gratuitous subnetting smaller than RIR
minimums, but not all smaller than RIR minimum routes.

I just wonder how huge the list would be and what the CPU and config size
damage would be.

----------------------------------------------------------------------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
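
Added example (not part of the original message or written by its author): a Python sketch of how the two drop lists proposed above could be derived from a table of (prefix, AS path) pairs. The sample routes and AS numbers are constructed, the function names are hypothetical, and reading "apparently gratuitous" as "covered by a less-specific from the same origin AS" is an assumption.

```python
import ipaddress

# Minimums quoted in the thread: /24 in 199/8 and 204-207/8, /22 in 208/8,
# /20 otherwise. Applying /20 to every other /8 is a simplification made here.
RIR_MIN = {199: 24, 204: 24, 205: 24, 206: 24, 207: 24, 208: 22}
DEFAULT_MIN = 20

# Constructed sample table (IPv4 only): (prefix, AS path), origin AS last.
SAMPLE_ROUTES = [
    ("66.10.0.0/16",  [64500, 64501]),  # provider aggregate
    ("66.10.4.0/24",  [64500, 64501]),  # covered, identical path
    ("66.10.8.0/24",  [64502, 64501]),  # covered, same origin, other path
    ("66.10.12.0/24", [64502, 64510]),  # PA /24 multihomer, own origin AS
    ("72.5.1.0/24",   [64500, 64511]),  # below minimum but not covered
    ("199.20.0.0/22", [64500, 64503]),
    ("199.20.1.0/24", [64500, 64503]),  # covered, but /24 is the minimum here
]

def rir_min(net):
    """Longest prefix length the RIR allocates in this network's /8."""
    return RIR_MIN.get(int(net.network_address) >> 24, DEFAULT_MIN)

def build_filters(routes):
    """Return (loose, bofh): sorted prefix strings each version would drop."""
    table = {ipaddress.ip_network(p): tuple(path) for p, path in routes}
    loose, bofh = [], []
    for net, path in table.items():
        # AS paths of every less-specific route that covers this prefix
        covers = [cpath for other, cpath in table.items()
                  if other.prefixlen < net.prefixlen and net.subnet_of(other)]
        # Loose: a covering route with the identical AS path exists.
        if path in covers:
            loose.append(str(net))
        # BOFH (assumed reading): longer than the RIR minimum and covered by
        # a route from the same origin AS, whatever the rest of the path.
        if net.prefixlen > rir_min(net) and any(c[-1] == path[-1] for c in covers):
            bofh.append(str(net))
    return sorted(loose), sorted(bofh)

if __name__ == "__main__":
    loose, bofh = build_filters(SAMPLE_ROUTES)
    print("loose drops:", loose)
    print("BOFH drops: ", bofh)
```

On the sample table the PA /24 announced from its own origin AS and the uncovered /24 survive both lists, which is the distinction from filtering across the board on RIR minimums.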