Home page logo
/

nanog logo nanog mailing list archives

RE: Lazy Engineers and Viable Excuses
From: "Mark Borchers" <mborchers () igillc com>
Date: Tue, 26 Aug 2003 10:58:50 -0500


During my tenure at a medium-sized ISP, I found that one of the
more painful experiences was trying to assist small or first-time
BGP customers in setting themselves up in the IRR and registering
their routes.  While I would take issue with some posters' comments
that maintaining edge filters does not scale, I would certainly
support the statement that providing IRR 101 tutorials definitely
doesn't scale.

For smaller sites, I feel that explicit permit prefix filters 
are the way to go.  At the same time a filter is updated, if
the customer was assigned space from one of our blocks, off go
both a SWIP and a proxy IRR object.  If the space is PA space
from another provider, we'd submit a route object after verifying
the assignment.  In the case of PI space, we *might* take the
trouble to give the IRR 101 training if the customer seemed
trainable.

Somewhere in the growth curve along which a customer increases in
both size and credibility, I think there is a case for migrating
them from prefix filtering to as-path filtering with a prefix limit.
While not preventing any possibility of an illegitimate announcement,
it does prevent a 7007 type incident along with scalability.




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]