nanog mailing list archives
Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times
From: Baldur Norddahl <baldur.norddahl () gmail com>
Date: Sun, 27 Mar 2022 22:02:32 +0200
On Sun, 27 Mar 2022 at 18:31, Jon Lewis <jlewis () lewis org> wrote:
Is prepending used for any purpose other than TE? The point I think Joe was trying to make was prepending once or even a few times has uses. Prepending more than a few times is unlikely to accomplish anything a few prepends didn't get done.
I suppose so-called "backup routes" could also be called traffic engineering yet it is different from the use case I described. I understand the "diameter of the internet" to mean the maximum number of unique AS numbers in an AS PATH observed in any route in my DFZ routing table. Say I have two IP transit uplinks and I want one to be strictly backup meaning I want to receive no traffic unless the other is down. I might then prepend at least "the diameter of the internet" and that would be enough. Any more prepends will do nothing. This could probably be proven mathematically for the worst case, although in reality you would not even need that many prepends to get the effect. However using prepends for traffic engineering in the sense prioritizing my peers relatively to each other is completely different. Especially true when some are peers on internet exchanges (not IP transit). Here the diameter of the internet is completely irrelevant. What matters is the number of classes I can make up for my peers. I admit those two numbers might not be all that different, but I feel it is still worth pointing out the error in the logic. The logic is wrong even for the backup case. Say I have an extreme of N x IP transits and I want all of them to be backups in a strict order. Such that all traffic comes in on transit A. If transit A is down, then everything should use B. If A and B are down then 100% to C etc. In that case I would need to prepend "the diameter of the internet" on B and "the diameter of the internet" times two on C etc. Why times two and not + 1? Because when A is down we have B with a number of prepends. C needs to have "the diameter of the internet" more than B to be sure no traffic goes that way when B is active. Prepending 50, 100, 200+ times is kind of a universal "We have no clue
what we're doing and you should reject our routes."
That is likely yes. Regards, Baldur
Current thread:
- AS21299 - 46.42.196.0/24 ASN prepending 255 times Erik Sundberg (Mar 24)
- Re: AS21299 - 46.42.196.0/24 ASN prepending 255 times surfer (Mar 24)
- Re: AS21299 - 46.42.196.0/24 ASN prepending 255 times Erik Sundberg (Mar 24)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Paschal Masha (Mar 25)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Bjørn Mork (Mar 25)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Joe Provo (Mar 25)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Baldur Norddahl (Mar 25)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Jon Lewis (Mar 27)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Baldur Norddahl (Mar 27)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Joe Maimon (Mar 31)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Matthew Petach (Mar 31)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Joe Maimon (Mar 31)
- Re: AS21299 - 46.42.196.0/24 ASN prepending 255 times surfer (Mar 24)
- RE: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Adam Thompson (Mar 25)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Brian Knight via NANOG (Mar 25)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Matthew Petach (Mar 25)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Amir Herzberg (Mar 25)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Matthew Petach (Mar 25)