North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Max Prefixes Configured on Customer BGP

  • From: Niels Bakker
  • Date: Thu Aug 15 21:07:44 2002

* [email protected] (Joe Wood) [Fri 16 Aug 2002, 02:38 CEST]:
>>> I know from past experience as a transit customer, that I have
>>> personally shyed away from ISP's that have restricted me to having
>>> their NOC update my ACL.
>> But instead you prefer a "lazy" NOC, where you need manual intervention in
>> case you screw up a filter list on your end to re-enable the BGP session?
> No, instead I prefer to do all route filtering on my (cust) side, and have
> the ISP do filtering based on AS PATH, be it ^CUST-AS_ or configured off
> the RADB......

(Well, if a customer is accidentally leaking a full table then ^CUST-AS_
 will still match everything they send you...)

Filtering from RADB has its own problems.  It's much better now than
it was a few years ago, with RPSL, PGP authentication and not the
free-for-all it used to be.  :)


> It's been my experience that a lot of the providers that do prefix
> filtering on customer BGP sessions take great amounts of time before they
> act on the prefix-filter update request. This much fun when it's 5pm or
> later and you really need to announce a new customer netblock.

My only experience in this regard is with UUNet, and they're pretty
quick.  Conceded that this was during a Europe-wide outage and the
slightly too strict filter was on a transit connection in the US.

Configuring off an IRR is a Good Thing.  Doing it in an automated
fashion without some sort of supervision can at best be called risky.

Take care,


	-- Niels.

-- 
Aug 12 21:22:27 snowcrash ntpd[184]: time reset 6.666601 s
Coincidence?  I think not!