nanog mailing list archives
Re: BCP 38 addendum
From: Baldur Norddahl <baldur.norddahl () gmail com>
Date: Sun, 11 Mar 2018 22:25:42 +0100
I have a router that takes a long time to converge after reboot. To fix that I do not want to advertise my prefixes until the router is fully ready. But I still want to establish the BGP sessions otherwise the router will never be ready. So we program in a delay until advertising after BGP session established. Now if my peers automatically converted BGP announced prefixes into ACLs, they would blackhole any traffic that might come to this router during startup. This is obviously not good. BGP announced prefixes tells you what I can receive but not what I can send. Interpreting that any other way is abusing the protocol. You would need a new BGP extension so we could announce what we might send independent of what we want to receive. IRR generated ACL filters might work if agreeable by the peer. Regards Baldur
Current thread:
- BCP 38 addendum (was: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks) Todd Crane (Mar 02)
- Re: BCP 38 addendum (was: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks) Mike Hammett (Mar 02)
- Re: BCP 38 addendum joel jaeggli (Mar 02)
- Re: BCP 38 addendum (was: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks) Barry Raveendran Greene (Mar 02)
- Re: BCP 38 addendum Fabien VINCENT (NaNOG) (Mar 04)
- Message not available
- Re: BCP 38 addendum Fabien VINCENT (NaNOG) (Mar 07)
- Re: BCP 38 addendum Saku Ytti (Mar 07)
- Re: BCP 38 addendum Fabien VINCENT (NaNOG) (Mar 09)
- Re: BCP 38 addendum Saku Ytti (Mar 07)
- Re: BCP 38 addendum Baldur Norddahl (Mar 11)
- Re: BCP 38 addendum Fabien VINCENT (NaNOG) (Mar 04)