nanog mailing list archives

Re: Route leak in Bangladesh

From: Mark Tinka <mark.tinka () seacom mu>
Date: Tue, 30 Jun 2015 15:29:57 +0200



On 30/Jun/15 15:22, Matsuzaki Yoshinobu wrote:

I also suggested them to implement BGP community based route filtering
in their outbound policy.  Any other suggestions or thoughts to
prevent such incidents in general?


    - Get your downstreams to create route objects before you turn them up.
    - Get your provisioning teams to validate the prefixes being
provided by your downstreams.
    - Use both prefix- and AS_PATH-based filters for your downstreams.
    - Use BGP communities (as you've stated).
    - No exceptions.

Mark.

Current thread:

Re: NTT->HE earlier today (~10am EDT), (continued)
- - - Re: NTT->HE earlier today (~10am EDT) Mike Leber (Jun 30)
    - Re: NTT->HE earlier today (~10am EDT) Ca By (Jun 30)
    - Re: NTT->HE earlier today (~10am EDT) Job Snijders (Jun 30)
    - Re: NTT->HE earlier today (~10am EDT) Jared Mauch (Jun 30)
    - Re: NTT->HE earlier today (~10am EDT) Job Snijders (Jun 30)
    - Re: NTT->HE earlier today (~10am EDT) Randy Bush (Jun 30)
    - Re: NTT->HE earlier today (~10am EDT) Job Snijders (Jun 30)
- Re: Route leak in Bangladesh Matsuzaki Yoshinobu (Jun 30)
  - Re: Route leak in Bangladesh Randy Bush (Jun 30)
    - Re: Route leak in Bangladesh Matsuzaki Yoshinobu (Jun 30)
    - Re: Route leak in Bangladesh Mark Tinka (Jun 30)
    - Re: Route leak in Bangladesh Nick Hilliard (Jun 30)
    - Re: Route leak in Bangladesh Job Snijders (Jun 30)
    - Re: Route leak in Bangladesh Joe Abley (Jun 30)
    - Re: Route leak in Bangladesh Job Snijders (Jun 30)
    - Re: Route leak in Bangladesh Mark Tinka (Jun 30)
    - Re: Route leak in Bangladesh Job Snijders (Jun 30)
    - Re: Route leak in Bangladesh Sandra Murphy (Jun 30)
    - Re: Route leak in Bangladesh Justin M. Streiner (Jun 30)
    - Re: Route leak in Bangladesh Sandra Murphy (Jun 30)
    - Re: Route leak in Bangladesh Job Snijders (Jun 30)

(Thread continues...)