nanog mailing list archives
Re: How long AS-PATH policies have you used
From: Saku Ytti via NANOG <nanog () lists nanog org>
Date: Thu, 26 Feb 2026 18:33:15 +0200
On Thu, 26 Feb 2026 at 17:41, Job Snijders <job () bsd nl> wrote:
I think you may be holding some of this upside down: by locking a select few ASNs in such that they can only appear behind specific BGP sessions, your autonomous system helps protect the global Internet routing system. Save the cheerleader, save the world. ;-)
Yes. But let's say I am tier1. It is likely entirely kosher for me to lock every other tier1 from non tier1 ports. Maybe this is anticompetitive to tier2, but maybe it is kosher. However, if I offer peerlock to say AMZN, META or GOOG, now it is definitely anticompetitive. I am choosing winners and losers, which is not my position as tier1 to do. Worse, I am providing superior services to market leaders. Now what would fair peerlock look like? Where anyone can tell me, offer me this service. It probably wouldn't be a negative match 'these cannot appear on this port', because then I'm adding every ASN opting-in to every port. So simple customer with one ASN gets an increasingly long negative 'not these ASNs' list. So I probably want a positive match, 'only these'. So how could this work? How could both Upcloud and Amazon at equal footing communicate to me that 'remove my ASN from AS_PATH on all ports except X'. I have a solution to that. But I have no interest in driving it, nor is it even relevant to the question, this is a complete sidetrack. Since the question is, can we stop honoring AS-SET, if the answer is 'yes', great. But objectively the solution you offer, has extremely small coverage compared to AS-SET as the world is today. I am not saying don't do those, I am saying, can I do just those, without doing AS-SET and not be held accountable? While many AS-SET are trash, most are good. That is, most ports have short list of allowable ASN and any mistake those ports do, won't be accepted. This would be gone, if that is fine, that is very great news. It is a little bit different for it being fine to Fastly, and it being fine to network which connects customers. -- ++ytti _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/nanog () lists nanog org/message/RJ7OPZYBPQKPDTMQGU6WL4GX2PC2QJUT/
Current thread:
- How long AS-PATH policies have you used Saku Ytti via NANOG (Feb 23)
- Re: How long AS-PATH policies have you used Tom Beecher via NANOG (Feb 24)
- Re: How long AS-PATH policies have you used Saku Ytti via NANOG (Feb 24)
- Re: How long AS-PATH policies have you used James Bensley via NANOG (Feb 25)
- Re: How long AS-PATH policies have you used Saku Ytti via NANOG (Feb 25)
- Re: How long AS-PATH policies have you used Job Snijders via NANOG (Feb 26)
- Re: How long AS-PATH policies have you used Saku Ytti via NANOG (Feb 26)
- Re: How long AS-PATH policies have you used Saku Ytti via NANOG (Feb 26)
- Re: How long AS-PATH policies have you used Saku Ytti via NANOG (Feb 26)
- Re: How long AS-PATH policies have you used Job Snijders via NANOG (Feb 26)
- Re: How long AS-PATH policies have you used Saku Ytti via NANOG (Feb 26)
- Re: How long AS-PATH policies have you used Saku Ytti via NANOG (Feb 25)
- Re: How long AS-PATH policies have you used Tom Beecher via NANOG (Feb 24)
- Securing EBGP while getting rid of big IRR-based prefix-list-filters (Was: How long AS-PATH policies have you used) Job Snijders via NANOG (Feb 26)
