[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

intra-AS messaging for route leak prevention

Subject: intra-AS messaging for route leak prevention
From: mark.tinka at seacom.mu (Mark Tinka)
Date: Tue, 7 Jun 2016 08:35:53 +0200
In-reply-to: <[email protected]>
References: <BL2PR09MB11234069E707505B417F29D6845C0@BL2PR09MB1123.namprd09.prod.outlook.com> <[email protected]>

On 6/Jun/16 17:54, Job Snijders wrote:

> There is the "human network" approach, where operators share information
> with each other which be used to generate config to help block
> "unlikely" announcements from eBGP neighbors.
>
> For instance AT&T and NTT agreed (through email) that there should be no
> intermediate networks between 2914 & 7018, therefore NTT blocks
> announcements that match as-path-regexp '_7018_' on any and all eBGP
> sessions, except the direct sessions with 7018. NTT calls this concept
> "peerlocking".

I suppose if one is performing prefix- and ASN-based filtering, then you
"should" not learn peer paths via customers. If you augment that with
AS_PATH-based filtering, you "will not" learn peer paths via customers.

One thing we do to reduce opportunistically hazardous vectors is to not
learn customer paths via peers.

Mark.

Follow-Ups:
- intra-AS messaging for route leak prevention
  - From: kotikalapudi.sriram at nist.gov (Sriram, Kotikalapudi (Fed))
- intra-AS messaging for route leak prevention
  - From: morrowc.lists at gmail.com (Christopher Morrow)

References:
- intra-AS messaging for route leak prevention
  - From: kotikalapudi.sriram at nist.gov (Sriram, Kotikalapudi (Fed))
- intra-AS messaging for route leak prevention
  - From: job at instituut.net (Job Snijders)

Prev by Date: syslog server
Next by Date: Traffic engineering and peering for CDNs
Previous by thread: intra-AS messaging for route leak prevention
Next by thread: intra-AS messaging for route leak prevention
Index(es):
- Date
- Thread