nanog mailing list archives
Re: Announcing Peering-LAN prefixes to customers
From: Michael Still <stillwaxin () gmail com>
Date: Thu, 20 Dec 2018 13:06:18 -0500
IXP LANs should not be announced via BGP (or your IGP either). See section 3.1: http://nabcop.org/index.php/BCOP-Exchange_Points_v2 On Thu, Dec 20, 2018 at 12:50 PM Dominic Schallert <ds () schallert com> wrote:
Hi all, this might be a stupid question but today I was discussing with a colleague if Peering-LAN prefixes should be re-distributed/announced to direct customers/peers. My standpoint is that in any case, Peering-LAN prefixes should be filtered and not announced to peers/customers because a Peering-LAN represents some sort of DMZ and there is simply no need for them to be reachable by third-parties not being physically connected to an IXP themselves. Also from a security point of view, a lot of new issues might occur in this situation. I’ve been seeing a few transit providers lately announcing (even reachable) Peering-LAN prefixes (for example DE-CIX Peering LAN) to their customers. I’m wondering if there is any document or RFC particularly describing this matter? Thanks Dominic
-- [stillwaxin () gmail com ~]$ cat .signature cat: .signature: No such file or directory [stillwaxin () gmail com ~]$
Current thread:
- Announcing Peering-LAN prefixes to customers Dominic Schallert (Dec 20)
- Re: Announcing Peering-LAN prefixes to customers Job Snijders (Dec 20)
- Re: Announcing Peering-LAN prefixes to customers Ross Tajvar (Dec 20)
- Re: Announcing Peering-LAN prefixes to customers Michael Still (Dec 20)
- Re: Announcing Peering-LAN prefixes to customers Dominic Schallert (Dec 20)
- Re: Announcing Peering-LAN prefixes to customers Steven Bakker (Dec 21)
- Re: Announcing Peering-LAN prefixes to customers Dominic Schallert (Dec 20)