Home page logo
/

nanog logo nanog mailing list archives

RE: ISP Filter Policies--Effect is what?
From: "Murphy, Brennan" <Brennan_Murphy () NAI com>
Date: Tue, 8 May 2001 12:11:42 -0700


On Tue, May 08, 2001, Stephen J. Wilcox wrote:

if you have a /16 why would it be broken down to /24? i would assume the
only reason you advertise /24 is because that is the size of your
assignment from the NIC, in which case you cannot advertise the /16.
if you do own the /16 then yes of course you can advertise it.

Not necessarily. I've been in a position where I've had $LARGEBLOCK
and I've had to break it into smaller chunks for per-POP customers.
The trick there is trying to handle your network being split down
the middle and still have traffic flowing to each POP right.
The only real way to do that is to split the /16 up into smaller
per-POP chunks and announce them seperately.
Yes, then you run into provider filtering blackholing you.
So, the comprimise is to announce the /16 and the /24s that make
it up, and bite the bullet.

I think this is the essence of the issue for this sitation. The desire
is to have the traffic routed properly to the intl POPs. The /24s would
be spread out geographically....all over. Furthermore, different providers
are involved....one in Europe, one in Asia, etc.  

The address space I provided was theoretical...although in the real world
example, the full /16 is owned by us. 

I am still reading through the responses but wanted to clarify the above.
Also,
one of the options being discussed is to use provider supplied Class C /24
space from providers in Europe and Asia and let our DNS algorithim take care
of sending
users to the right place. Basically, I've been told that the scenario would
be
far easier to work with if only 1 provider was supplying circuits at all of
the locations around the world. Then they could advertise the full /16 and
we would advertise the appropriate /24s from the particular site hosting
them.

Thanks for everyone's responses...most helpful!



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault