North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: [doable?] peer filtering (was Re: Trusting BGP sessions)

  • From: Kurt Kayser
  • Date: Thu Nov 16 05:13:07 2000


On Thu, Nov 16, 2000 at 04:38:33AM -0500, John Fraizer wrote:
> How do you suppose the router is going to be able to get to the database
> server?  It has to have a route to the database server and until it does,
> it can not even verify that it should accept that route.
> ---
> John Fraizer
> EnterZone, Inc

In case of a cold-start, I would give the box a base config that tells how 
to build the IGP and iBGP topology. Then a DB-server within the ISPs network 
should be within reach.
There is more information stored how to connect the external world (peers,
upstreams) and basic filters (martians, own blocks, prefix length)

After that the database links into the IRR-System to get 'live' external
information that passes local policy adjustments (communities, prepends, etc.)
and new updates always get through the database-system. In this case you also
have a kind of BGP-trail (basically
that can be used in many ways after something went wrong with routing.

I believe not many networks keep what has been happening in their routing
tables. Or even are able to reconstruct a specific situation that lead to
some erradic situation.

noris network AG    / Kilianstrasse 142 \ 90425 Nuernberg
Tel. (0911) 9352-0 / Fax (0911) 9352-100 \ [email protected]