North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: The Gorgon's Knot. Was: Re: Verio Peering Question

  • From: Sean M. Doran
  • Date: Fri Sep 28 20:34:35 2001

| So your downstreams pay you to connect to:
| + Your AS only;
| + Some of the Internet, but with little concern re accessibility
|   of small networks;
| + The whole Internet with as much reliability as possible?

if #3 then what's the problem with:

	ip as-path access-list 1 permit _badguy_
	route-map fix-badguy permit 10
	 descr proxy-aggregate the networks who are "holey"
	 match as-path 1
	router bgp my-as
	 aggregate-address bad.guy.blo.ck1 as-set suppress-map fix-badguy
	 aggregate-address bad.guy.blo.ck2 as-set suppress-map fix-badguy

except that historically (with one exception, which was rude but educational)
the "badguys" weren't really bad as much as lost somewhere, and didn't
realize what was happening to them.

So, rather than make a subtle change that some backwards ISPs never
even noticed, a more forceful change (filtering) was made, and everyone
noticed that, but more because of the continuing bad PR about how evil
and rapacious it was to filter in the first place.

Oh, wait, throwing away the holes can lead to a sub-optimal path
selection!  And troubles with holes coming from other directions!

"shut up and send me a cheque." -> something more polite but meaning the same
                                   so that customer will happily pay for
                                   a "route-pull".

Again, the great regret was the lack of a web page that would let
one pay to blow holes in the filter and similar mechanisms that
have been deployed from time to time (proxy-aggregation against
backwards ISP, filtering against backwards ICM, RIPE-210 against
the entire universe).

| Maybe I'll filter anything longer than a /8...

Please do, and tell us what you CAN'T reach after you throw
away all the longer prefixes, and if you care after you 
install a default or proxy-aggregate, or whatnot to try to
retain connectivity to those "extraneous info" destinations.


ps - for those who don't know, ICM is AS 1800, and has an interesting