North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Test Route
> Let me play Devil's Advocate here for a moment... What no horns? No cloven hooves? No pointy tail? > Why do you need a -policy-? Easy, My policy is to not propogate any customer routes unless they are properly registered in the routing registry. But how do I check that I have a "working" BGP peer up unless I can actually exchange a route? Here the testroute comes in real handy. > Why do you need anything other than what 1597 already says? See above. And besides, 192.0.2.0 is not part of RFC 1597. > 1597 was VERY careful to be general and leave implementation of policy > up to the users. The RA, NAPs, IXs, and others do not need to concern > themselves with how or when these suggestions are implemented. Yup. > The thing to understand is that the 1597 network addresses are not unique > throughout the entire Internet. There use and administration is done on a > local basis, but it behoves us to not get parochial about the term local. Yup > Actually, there's a really interesting point here that's about to give > you a big whopping ulcer. I hate to do this to you but... Not a problem > You, as RA, need to support your customer's routing policies. Darn! I was in it for the praise and adoration > If, for instance, someone at Sprint and someone at MCI get together and > decide jointly that they want to share network 10 "privately" for their > BGP loopbacks or their porno FTP servers, they could form the Sprint/MCI > net-10 consortium and you'd need to carry an advertisement for net 10 in > your RA database so the two sites could exchange routes. > > Here's where the fun comes in... now say Alternet and PSI get together and > want to share network 10 "privately" for their BGP loopbacks or their > porno FTP sites and form the Alternet/PSI net-10 consortium... > You forgot the guys who register their net10 with a policy of "don't route per RFC 1597. I don't think this is a problem in the RADB. We can take this offline to reduce my public exposure. > The long and the short of it is that as RA, not only do you need to not > block 1597 advertisements in your database, you need to correctly implement > virtual private networking for 1597 advertisements. Yup again. > Remember Bill, that the RA needs to not get bogged down by parochial > definitions of "local." Only when it pertains directly to the RA maintained route servers. > I bet now you're wishing you hadn't brought this up and got me thinking... > Sorry...I'll buy you a drink in Danvers to make it up to you. Nope, this is really good. See you in Danvers... :) --bill
|