North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Erroneous BGP advertisement

  • From: David J. Schmidt
  • Date: Wed Feb 11 13:31:33 1998

On Wed, 11 Feb 1998, Joe  Shaw wrote:

> I thought all responsible parties (like Sprint) filtered their customer
> routes.  I know I can't advertise or leak out anything to MCI or UUNet
> that I havn't registered with them.  I've heard in the past that Sprints
> route acceptance policy was a little on the trusting side, but not
> filtering your customers announcements is just silly.  They (sprint)
> should only allow their customers to advertise their registered IP space
> and stop things like this from happening.
> I'm looking at Sprint's BGP policy (
> and it appears that they are way too trusting.  They expect their
> customers to do everything right, and for someone with little or no
> knowledge of setting up BGP, they could quickly cause havoc for Sprint's
> or other carriers' networks.  This is especially interesting since they
> offer no BGP help what so ever according to this document.  Also according
> to this document, the customer is responsible for all filtering, which is
> an extremely poor practice.  I wonder how long it will take for a Sprint
> customer to advertise a default route out and I wonder how many sites it
> would effectively blackhole.
> Regards,
> Joe Shaw - [email protected]
> NetAdmin - Insync Internet Services

We multihomed with Sprint around the beginning of October.  Sprintlink
will do either AS or IP based filters to their BGP peers.  From their

8. Do you prefer AS (see 8a) or IP (see 8b) based filters*?
   [ ] AS filters - answer question 8a
   [*] IP filters - answer question 8b

  * All customers are filtered based on either AS path or IP address.  AS
    filters allow customers to announce any blocks they acquire but can 
    lead to problems if the customer configuration announces other provider
    routes to us (creating transit across the customer) or our own routes 
    back to us (creating a black hole).  IP filters allow customers to 
    modify the AS announcements.  Both methods have their advantages and
    we prefer to set up IP filters because it makes the customer
    configurations simpler and avoids possible transit/black hole problems.

If the customer has chosen AS based filtering then they can announce any
addresses at will, causing this type of problem.

Incidently, we chose IP filtering :-).

[email protected]    Internet Ventures, Inc.   (509)622-2878 x238
Spokane, Washington     (509)622-2872 (fax)