North American Network Operators Group

RE: genuity - any good?

  • From: Daniel Golding
  • Date: Fri Apr 12 14:58:53 2002

Hmm. From a coding point of view you are certainly correct. From a
troubleshooting POV, prefix lists are superior, because it is much easier to
tell, at a glance, what the ACL is supposed to do, particularly for less
experienced engineers. This is a significant advantage. However, it can be a
big project to convert a large, installed base of extended ACLs to
prefix-list ACLs, so that might be why Genu has held off. Even with a script
or other tool, there is still a chance for some customer downtime.

As far as requiring exact ACLs, rather than allowing "greater than or equal
to" type ACLs - there are a couple good reasons for this. One is, to ensure
maximum route aggregation by your customers, and potentially prevent serious
deaggregations. This may also help with troubleshooting.

Of course, it's less convenient for customers, and requires more interaction
and changing of ACLs, which can cause downtime. I suspect the best practice,
at this point, is autogeneration of ACLs using IRR database entries, and
tools like RTConfig or their homegrown equivalent.

- Daniel Golding

> -----Original Message-----
> From: [email protected] [mailto:[email protected]]On Behalf Of
> Martin, Christian
> Sent: Friday, April 12, 2002 2:31 PM
> To: '[email protected]'; [email protected]
> Cc: [email protected]; [email protected]
> Subject: RE: genuity - any good?
>
>
>
> I think the argument is not about route filtering - it is the implementation
> method.
>
> Genuity uses ip extended access-lists.
>
> Everyone else uses prefix-lists.
>
> To a purist, the former is more granular, but performs poorly because it is
> a linked list implementation.  The latter, while less granular, performs
> faster by using a trie.  It also allows insertion without list rebuilding.
> Does this matter much?  I'm sure there are some that have tested convergence
> between the two technologies, so I'd welcome comments out of curiosity.
>
> They are somewhat anal with their lists as well.  If you have a /19, but you
> want to deaggregate for inbound BGP TE, you will need to send them EVERY
> route you will send.  That can be 64 subnets.  For a /16, it is waaayyy
> worse.  Then again, it allows them to know exactly how many prefixes MAY be
> announced from their customers, which I suppose has its merits.
>
> chris
>
> >-----Original Message-----
> >From: [email protected] [mailto:[email protected]]
> >Sent: Friday, April 12, 2002 2:08 PM
> >To: [email protected]rlic.com
> >Cc: [email protected]; [email protected]
> >Subject: Re: genuity - any good?
> >
> >
> >
> >> 1) Their BGP policies are not as good as others.  They force you to
> >> register each route you want to advertise rather than allowing you to
> >> advertise any reasonable route for your prefixes.  According to one of
> >> their top people, prefix-lists were unreliable new technology.  We
> >> gave up and canceled the circuit.
> >
> >Man I don't know of a provider that doesn't do this - but the
> >fact is this is a good thing.
> >
>
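
The filtering trade-off discussed in this thread, as an added example (not written by any of the posters and not any provider's code): a small Python model of exact-match route filters versus a single "greater than or equal to" style entry, assuming the usual ge/le prefix-list semantics. The 10.64.0.0/19 block, the /24 cutoff and the names `Entry`, `permitted` and `exact_entries` are constructed for illustration.

```python
import ipaddress


class Entry:
    """One permit entry: a prefix plus optional ge/le length bounds."""

    def __init__(self, prefix, ge=None, le=None):
        self.net = ipaddress.ip_network(prefix)
        plen = self.net.prefixlen
        # No ge/le: exact match only. "le N" alone allows plen..N;
        # "ge N" alone allows N..max length for the address family.
        self.min_len = ge if ge is not None else plen
        if le is not None:
            self.max_len = le
        else:
            self.max_len = self.net.max_prefixlen if ge is not None else plen

    def matches(self, route):
        r = ipaddress.ip_network(route)
        return (r.version == self.net.version
                and self.min_len <= r.prefixlen <= self.max_len
                and r.subnet_of(self.net))


def permitted(entries, route):
    """Implicit deny: accept a route only if some entry matches it."""
    return any(e.matches(route) for e in entries)


def exact_entries(block, longest):
    """One exact-match entry per possible announcement, block down to /longest."""
    net = ipaddress.ip_network(block)
    return [Entry(str(sub))
            for plen in range(net.prefixlen, longest + 1)
            for sub in net.subnets(new_prefix=plen)]


if __name__ == "__main__":
    BLOCK = "10.64.0.0/19"                  # constructed sample customer block
    strict = [Entry(BLOCK)]                 # aggregate only
    loose = [Entry(BLOCK, le=24)]           # aggregate or anything down to /24
    registered = exact_entries(BLOCK, 24)   # every deaggregate listed one by one
    print("entries: strict=%d loose=%d registered=%d"
          % (len(strict), len(loose), len(registered)))
    for route in ("10.64.0.0/19", "10.64.8.0/24", "10.64.8.0/25", "10.65.0.0/24"):
        print(route, permitted(strict, route), permitted(loose, route),
              permitted(registered, route))
```

The strict list rejects every more-specific until each one is registered, while the single `le 24` entry accepts any deaggregate inside the block down to /24; neither accepts a /25 or a route outside the block.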