nanog mailing list archives
Re: Route leak in Bangladesh
From: Mark Tinka <mark.tinka () seacom mu>
Date: Tue, 30 Jun 2015 15:29:57 +0200
On 30/Jun/15 15:22, Matsuzaki Yoshinobu wrote:
I also suggested them to implement BGP community based route filtering in their outbound policy. Any other suggestions or thoughts to prevent such incidents in general?
- Get your downstreams to create route objects before you turn them up. - Get your provisioning teams to validate the prefixes being provided by your downstreams. - Use both prefix- and AS_PATH-based filters for your downstreams. - Use BGP communities (as you've stated). - No exceptions. Mark.
Current thread:
- Re: NTT->HE earlier today (~10am EDT), (continued)
- Re: NTT->HE earlier today (~10am EDT) Mike Leber (Jun 30)
- Re: NTT->HE earlier today (~10am EDT) Ca By (Jun 30)
- Re: NTT->HE earlier today (~10am EDT) Job Snijders (Jun 30)
- Re: NTT->HE earlier today (~10am EDT) Jared Mauch (Jun 30)
- Re: NTT->HE earlier today (~10am EDT) Job Snijders (Jun 30)
- Re: NTT->HE earlier today (~10am EDT) Randy Bush (Jun 30)
- Re: NTT->HE earlier today (~10am EDT) Job Snijders (Jun 30)
- Re: Route leak in Bangladesh Randy Bush (Jun 30)
- Re: Route leak in Bangladesh Matsuzaki Yoshinobu (Jun 30)
- Re: Route leak in Bangladesh Mark Tinka (Jun 30)
- Re: Route leak in Bangladesh Nick Hilliard (Jun 30)
- Re: Route leak in Bangladesh Job Snijders (Jun 30)
- Re: Route leak in Bangladesh Joe Abley (Jun 30)
- Re: Route leak in Bangladesh Job Snijders (Jun 30)
- Re: Route leak in Bangladesh Mark Tinka (Jun 30)
- Re: Route leak in Bangladesh Job Snijders (Jun 30)