North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: The Gorgon's Knot. Was: Re: Verio Peering Question
> Date: Fri, 28 Sep 2001 17:30:15 -0700 (PDT) > From: Sean M. Doran <[email protected]> [ snip ] > | + The whole Internet with as much reliability as possible? > > if #3 then what's the problem with: > > ip as-path access-list 1 permit _badguy_ > > route-map fix-badguy permit 10 > descr proxy-aggregate the networks who are "holey" > match as-path 1 > > router bgp my-as > aggregate-address bad.guy.blo.ck1 255.255.224.0 as-set suppress-map fix-badguy > aggregate-address bad.guy.blo.ck2 255.255.224.0 as-set suppress-map fix-badguy > ... And one aggregates a lone /24 with what? Again, my point (and I believe Patrick's) is that there are valid reasons for an entity without a PI /20 to multihome. Filter the /24s, and we have a problem. Of course, I guess that AT&T, PSI, BBN, etc. can save their multihomed downstreams from certain filtration by... allocating more IP space in 60/8 through 66/8, or from "class C" space. How efficient. > So, rather than make a subtle change that some backwards ISPs never > even noticed, a more forceful change (filtering) was made, and everyone > noticed that, but more because of the continuing bad PR about how evil > and rapacious it was to filter in the first place. *sigh* Maybe I need to use more emoticons. The part where I said that filtering is a good thing -- _to a certain extent_ -- was serious... > | Maybe I'll filter anything longer than a /8... > > Please do, and tell us what you CAN'T reach after you throw > away all the longer prefixes, and if you care after you > install a default or proxy-aggregate, or whatnot to try to > retain connectivity to those "extraneous info" destinations. ...and I _certainly_ hope that nobody believed me on this one. Filtering longer than /8 is clearly stupid. Filtering /32 is clearly a good thing. Now, where do we draw the line? Do we filter multihomed /24s? I vote that's unacceptable. As Patrick pointed out... if _all_ major carriers filtered _all_ /24 adverts, one would essentially be single-homed to one's IP space provider. Back to "route to the whole Internet with as much reliability as possible". I contend that someone purchasing bandwidth wants to maximize reliability to _all_ of the Internet. Someone selling bandwidth should deliver. I offer the overused example of AS11643... they're just basement multihomers with /24, /23, and /22 prefixes. Clearly those adverts deserve to be filtered. *waves big sign stating "sarcasm here"* If EXDS routing were fscked, how does one reach 216.32.120/24? Assume for the sake of this discussion that one cannot hear /24s via 701, 1239, or 6461. [How much is eBay paying XO to carry its longer prefixes?] So: Where do we draw the line on filtering? Eddy --------------------------------------------------------------------------- Brotsman & Dreger, Inc. - EverQuick Internet Division Phone: +1 (316) 794-8922 Wichita/(Inter)national Phone: +1 (785) 865-5885 Lawrence --------------------------------------------------------------------------- Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) From: A Trap <[email protected]> To: [email protected] Subject: Please ignore this portion of my mail signature. These last few lines are a trap for address-harvesting spambots. Do NOT send mail to <[email protected]>, or you are likely to be blocked.
|