Max Prefix Out, was Re: Verizon 701 Route leak?

[Michael Still <stillwaxin () gmail com>]

I agree a max-prefix outbound could potentially be useful and would
hopefully not be too terribly difficult to implement for most vendors.

Perhaps RFC4486 would need to be updated to reflect this as a
possibility as well?



On Mon, Aug 28, 2017 at 5:41 PM, Julien Goodwin <nanog () studio442 com au> wrote:
> On 28/08/17 18:34, Job Snijders wrote:
> > Finally, it may be worthwhile exploring if we can standardize and
> > promote maximum prefix limits applied on the the _sending_ side. This
> > way you protect your neighbor (and the Internet at large) by
> > self-destructing when you inadvertently announce more than what you'd
> > expect to announce. BIRD has this functionality
> > http://bird.network.cz/?get_doc&f=bird-3.html#proto-export-limit
> > however I am not aware of other implementations. Feedback welcome!
>
> Having just dug up the reference for some strange reason...
>
> Back at NANOG38 (2006) Tom Scholl mentioned in a talk on max prefix:
> "Perhaps maximum-prefix outbound?
> (Suggested by Eric Bell years ago)"
> https://www.nanog.org/meetings/nanog38/presentations/scholl-maxpfx.pdf
>
> Notably Juniper does now have prefix-export-limit, but only for
> readvertisement into IS-IS or OSPF:
> https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/prefix-export-limit-edit-protocols-isis.html



-- 
[stillwaxin () gmail com ~]$ cat .signature
cat: .signature: No such file or directory
[stillwaxin () gmail com ~]$