|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: BGP Path Filtering
> Having being involved in cleaning up the networks of many small ISPs > (by your definition of small) after they have been deployed by people > long since departed, I completely disagree with your last sentence. > > Maybe complexity is in the eye of the beholder, but ISPs which classify > the routes they carry according to origin using community string > attributes are much easier to debug and understand than those who > specify their exit policy using hard-coded prefix and as-path filters > all over the place. > > I don't think "start messy and clean up later" is good advice. Do it > right the first time, and grow smoothly without difficult migrations. This is very simple - use both: Have standard "I can advertise these prefixes" list on every router. Have standard "I can advertise these AS_PATHs" list on every router. Set communities on the entry for routes that you have accepted. Advertise only routes that have correct community *and* match the standard "I can advertise AS_PATHs" and standard "I can advertise prefixes" lists. Even if you have 1000 routers it is not that difficult because no one ever said that you need to manually update those standard prefix lists an standard AS_PATHs lists. Alex
|