North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: [doable?] peer filtering (was Re: Trusting BGP sessions)

  • From: John Fraizer
  • Date: Thu Nov 16 05:35:41 2000

That sounds doable.  It might be painful to implement though because there
are loads of nets that don't update to any IRR.  I like the RIS Query
site.  Slick.

John Fraizer
EnterZone, Inc

On Thu, 16 Nov 2000, Kurt Kayser wrote:

> John,
> On Thu, Nov 16, 2000 at 04:38:33AM -0500, John Fraizer wrote:
> > How do you suppose the router is going to be able to get to the database
> > server?  It has to have a route to the database server and until it does,
> > it can not even verify that it should accept that route.
> > 
> > ---
> > John Fraizer
> > EnterZone, Inc
> In case of a cold-start, I would give the box a base config that tells how 
> to build the IGP and iBGP topology. Then a DB-server within the ISPs network 
> should be within reach.
> There is more information stored how to connect the external world (peers,
> upstreams) and basic filters (martians, own blocks, prefix length)
> After that the database links into the IRR-System to get 'live' external
> information that passes local policy adjustments (communities, prepends, etc.)
> and new updates always get through the database-system. In this case you also
> have a kind of BGP-trail (basically
> that can be used in many ways after something went wrong with routing.
> I believe not many networks keep what has been happening in their routing
> tables. Or even are able to reconstruct a specific situation that lead to
> some erradic situation.
> Kurt
> -- 
> noris network AG    / Kilianstrasse 142 \ 90425 Nuernberg
> Tel. (0911) 9352-0 / Fax (0911) 9352-100 \ [email protected]