nanog mailing list archives
Re: genuity - any good?
From: David Schwartz <davids () webmaster com>
Date: Fri, 12 Apr 2002 17:23:04 -0700
On Fri, 12 Apr 2002 20:00:37 -0400 (EDT), Sean Donelan wrote:
On Fri, 12 Apr 2002, Roy wrote:Registering is not "bad", its just not beneficial. Given that the routes I want to announce are within my assigned range, why is it a good thing to register them? If the transit provider always add entries when I ask for them, it seems to be very little benefit..
The simple reasons is some people (or their buggy router) deaggregated multiple Class B's or A's and broke some upstream providers. You can blame whomever you want, but registration gives the user a chance to notice a typo resulted in 65,535 routes before actually announcing all those routes. No, it doesn't stop a malcious router engineering. But it is a nice "defense in depth" or "speed bumb" for dumb mistake(tm) prevention.
There are certainly reasonable and unreasonable cases one can imagine. Someone with a single /20 who wants to be able to advertise /24s or larger from within his block is (probably) a reasonable request. Someone with a /16 who wants to be able to advertise down to /32s within his block is unreasonable, especially if he expects his provider to advertise these routes to its peers/providers. One common need for advertising small routes within large blocks is dealing with dos attacks. If you have, say, 4 100Mbps circuits, and 1.2.3.4 is being DOSed, you can advertise nothing but 1.2.3.4/32 on one of the circuits and the DOS is now clamped at 100Mbps and everything else will be fine. However, it's hard to work out in advance how not to propogate the route outside the appropriate scope and how to do this without special arrangements for that particular IP while still not allowing every customer you have to advertise /32s for every IP they own. The moral is, negotiate a reasonable BGP policy before you pay/sign. Make sure what seems reasonable to you also seems reasonable to your (prospective) provider. DS
Current thread:
- Re: genuity - any good?, (continued)
- Re: genuity - any good? Mark Kent (Apr 11)
- Re: genuity - any good? Hank Nussbacher (Apr 11)
- Re: genuity - any good? Neil J. McRae (Apr 12)
- Re: genuity - any good? Hank Nussbacher (Apr 11)
- Re: genuity - any good? Roy (Apr 12)
- Re: genuity - any good? Neil J. McRae (Apr 12)
- Re: genuity - any good? Simon Lyall (Apr 12)
- Re: genuity - any good? Stephen Griffin (Apr 12)
- Re: genuity - any good? Roy (Apr 12)
- Re: genuity - any good? Aditya (Apr 12)
- Re: genuity - any good? Sean Donelan (Apr 12)
- Re: genuity - any good? David Schwartz (Apr 12)
- Re: genuity - any good? Richard A Steenbergen (Apr 13)
- Re: genuity - any good? Mark Kent (Apr 12)
- Route Filtering (Was: Re: genuity - any good?) Leo Bicknell (Apr 12)
- RE: genuity - any good? David Luyer (Apr 12)
- limiting # of prefixes from a BGP peer (Was: Re: genuity - any good?) Rafi Sadowsky (Apr 13)
- Re: limiting # of prefixes from a BGP peer (Was: Re: genuity - any good?) German Martinez (Apr 13)
- Re: genuity - any good? Mark Kent (Apr 11)
- Re: genuity - any good? Stephen Griffin (Apr 15)