North American Network Operators Group


Re: DoS attacks, NSPs unresponsiveness

  • From: Mark Mentovai
  • Date: Fri Nov 03 18:22:39 2000

Joe Shaw wrote:
>Wouldn't it be better, at least from an engineering standpoint, to still
>announce their routes with AS padding to increase the AS-path so in the
>event their other connection(s) goes down they still have some type of
>inbound connectivity?  It seems like your example would work in a best
>case scenario, but customer X would drop off of the planet in the event of
>a partial outage without some manual reconfiguration.  I did something
>similar to what you are suggesting, but we still announced the routes,
>with padding, so that in the event of a failure the network could still
>function.  The link did fail eventually (would you believe me if I
>mentioned there was a backhoe and a contractor involved?), and while the
>network was certainly slower than normal, it continued to function
>adequately so that there was no perceivable outage seen by our customers.

In theory, yes, but in practice, I've found that no matter how much you use
AS prepending on routing announcements for a specific link, there is some
minimum amount of traffic that you will always receive through it, and that
amount may be more than you're willing to accept for anything other than an
emergency situation.  The length of the AS path is not the first thing that
a router looks at when deciding which path offers the best route.  I've used
certain circuits as "manually operated backups" in the past because the
minimum amount of traffic I'd have pulled in on that pipe was larger than
the pipe itself.  During an emergency, though, slow and bad connectivity is
better than no connectivity at all.  (In case of contractor, break glass.)

My BGP wish list includes some better way of selecting a path, which gives
the initial advertiser more control over inbound traffic.

Mark
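
The behaviour described in the message above, as an added example that is not part of the original post: a simplified Python model of BGP best-path selection in which LOCAL_PREF is compared before AS_PATH length, so prepending moves a distant network's choice but not that of the backup provider itself. The AS numbers (documentation range), the topology and the local-preference values are constructed assumptions.

```python
from dataclasses import dataclass

ORIGIN = 64500                          # constructed: customer AS
PROVIDER_A, PROVIDER_B = 64501, 64502   # constructed: primary and backup upstreams

@dataclass(frozen=True)
class Route:
    entry_link: str   # customer link the traffic would finally arrive on
    local_pref: int   # assigned by the *receiving* network's own policy
    as_path: tuple    # as received, including any prepends

def announce(prepends=0):
    """AS_PATH the origin sends on a link: its own AS, repeated when prepending."""
    return (ORIGIN,) * (1 + prepends)

def best_path(routes):
    """Simplified decision process: highest LOCAL_PREF first, then shortest AS_PATH."""
    return min(routes, key=lambda r: (-r.local_pref, len(r.as_path)))

def views(prepends):
    """Candidate routes as seen by two networks in the constructed topology."""
    via_a = (PROVIDER_A,) + announce(0)
    via_b = (PROVIDER_B,) + announce(prepends)
    return {
        # A distant network with no policy preference between A and B.
        "remote": [Route("primary", 100, via_a), Route("backup", 100, via_b)],
        # Provider B: assumed policy prefers routes learned from its own
        # customer (200) over the same prefix heard from a peer (100).
        "provider_b": [Route("primary", 100, via_a),
                       Route("backup", 200, announce(prepends))],
    }

def entry_links(prepends):
    """Which customer link each network's traffic enters on."""
    return {who: best_path(r).entry_link for who, r in views(prepends).items()}

if __name__ == "__main__":
    for n in (3, 10):
        print(f"prepends={n}: {entry_links(n)}")
```

In this model, traffic from provider B and anything routed through it still arrives on the backup link however many prepends are added, because the AS_PATH comparison is never reached.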