nanog mailing list archives
RE: Peer Filtering
From: "John van Oppen" <john () vanoppen com>
Date: Mon, 2 Feb 2009 19:54:20 -0800
Yep agreed... We balance that by keeping the max-prefix no more than about 40% over the current prefix limit on each peer. For us it is a trade-off, accept the routes or don't send the traffic to peering. The couple of times I have seen route leaks that involved one or two routes they were paths that worked, they were just wrong and we ended up just throwing a prefix-list on that peer. The thing is, one basically has to trust one's transit providers which don't always filter well. Given this trusting one's peers at least some-what does not seem too out there. John van Oppen Spectrum Networks LLC Direct: 206.973.8302 Main: 206.973.8300 Website: http://spectrumnetworks.us -----Original Message----- From: Martin Barry [mailto:marty () supine com] Sent: Monday, February 02, 2009 7:22 PM To: nanog () nanog org Subject: Re: Peer Filtering $quoted_author = "John van Oppen" ;
Here in the US we don't bother, max-prefix covers it... It seems
that
US originated prefixes are rather sporadically entered into the
routing
DBs.
...and you are not worried about someone leaking a subset of routes? I understand that most failure cases would trigger a max-prefix but a typo could allow just enough leakage to not hit max-prefix and yet still make something "important" unreachable. cheers marty -- with usenet gone, we just don't teach our kids entertainment-level hyperbole any more. --Paul Vixie http://www.merit.edu/mail.archives/nanog/2006-01/msg00593.html
Current thread:
- Peer Filtering Paul Stewart (Feb 02)
- Re: Peer Filtering Martin Barry (Feb 02)
- Message not available
- Re: Peer Filtering Martin Barry (Feb 02)
- RE: Peer Filtering John van Oppen (Feb 02)
- RE: Peer Filtering Paul Stewart (Feb 03)
- Re: Peer Filtering Nick Hilliard (Feb 03)
- Message not available
- Re: Peer Filtering Martin Barry (Feb 02)