nanog mailing list archives
RE: Clue's for Clue-less
From: "Martin, Christian" <CMartin () mercury balink com>
Date: Mon, 26 Oct 1998 16:37:40 -0500
I agree that core stability is of utmost importance, but by randomly and somewhat unilaterally denying prefixes without verification of the validity of their origin...Hmm, lets see...AS 1 sending the 4.0.0.0 netblock across a direct peering point, but it get's nicked because of max-prefix, so it comes across through a multihomed downstream and all of a sudden, sorry little multihomed downstream is carrying 200 Megs of BBN transit. Oops! I would think that the only thing that this command protects is routers with slim memory profiles. Core routers should let the BGP decision process clean the routes, although I do get scared when 10,000 new routes appear over the weekend. After this weekends fiasco, I can see your reasons, though. Maybe RSNG is useful after all... Chris
-----Original Message----- From: Richard Irving [mailto:rirving () onecall net] Sent: Monday, October 26, 1998 4:27 PM To: Martin, Christian Cc: 'nanog () merit edu' Subject: Re: Clue's for Clue-less No proof one way, or the other, Martin.... The only neighbors I lost on this one, dumped something they shouldn't..... If someone de-aggregates a /16, it fires off alarms.... Although these may be valid advertisements, We have opted for the "safe, rather than sorry" perspective. (Besides, the alarms *assure* prompt attention) Running the internet requires a certain degree of Altruism. One should set policies that *protect* the core, rather than one's own....... ;) Doing other than this will result in a global internet that is not reliable...And we all lose. "The good of the many, outweigh the desires of the few" (No matter *how* expensive a tie they wear ;) PS: 11.2.xx and higher have this command... Martin, Christian wrote:Richard Irving Wrote:To "You Know Who You Are": Since some of the filtering policies on the core *seem* to not benefit the Internet as a whole... (or is that Hole ? ;) May I suggest one that does: neighbor WWW.XXX.YYY.ZZZ maximum-prefix XXXXX It has a way of dropping "clue-nots"..... When they demonstrate said title..... Your clueful attention appreciated. Signed, One *URKED* Core Operator.What if it has a way of dropping big blocks? From what I've seen n sniffer traces, it depends on how the routes are stored inthe BGP tablethat determines how they are advertised. This may have theeffect ofsinking large, valid netblocks. Unless you've seen otherwise... -Chris
Current thread:
- Clue's for Clue-less Richard Irving (Oct 26)
- <Possible follow-ups>
- RE: Clue's for Clue-less Martin, Christian (Oct 26)
- Re: Clue's for Clue-less Richard Irving (Oct 26)
- Message not available
- Message not available
- Message not available
- Re: Clue's for Clue-less Richard Irving (Oct 27)
- Re: Clue's for Clue-less Richard Irving (Oct 26)
- Re: Clue's for Clue-less Richard Irving (Oct 26)
- Re: Clue's for Clue-less Jim Jagielski (Oct 27)