[afnog] How to convince providers to take the sane option....

Mark Tinka mark.tinka at seacom.mu
Thu May 15 06:43:31 UTC 2014


On Thursday, May 15, 2014 06:18:37 AM Frank Habicht wrote:

> without the knowledge/approval of the "owner" ?
> bad start....   :-(
> (yes, most likely it's a former customer)

I can tell you now that we fight route leaks on a daily 
basis. And we don't have to go to an exchange point to enjoy 
that priviledge :-).

> Even if all peers get everything...
> ... still they should not announce things they get from
> peering to other peerings or even to upstreams.
> static prefix lists are bad because they will become
> outdated. I know many of us know this song.
> 
> Best solution I see is communities.
> - Define one community called "don't advertise to
> upstreams" - add this community to all routes learned
> from upstreams. and to all routes learned from peering
> - don't advertise these routes to upstreams.
>   and don't advertise these routes to other peerings.
>   ie first rule in the route-map to upstreams:
>      deny anything matching that community

Yes, good idea.

Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <http://afnog.org/pipermail/afnog/attachments/20140515/04b56772/attachment.sig>


More information about the afnog mailing list