North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
RE: URPF on small BGP-enabled customers?
>My network is a multi-homed stub AS and I only announce 5 prefixes. Not much different from many of my networks here, then. > If they're paranoid enough to manually filter my BGP > announcements it's not much more work to manually filter my > source addresses too (nevermind the fact that I already do it > myself, but...) SprintLink has been filtering BGP announcements since we came online with them a few years ago. They'd probably been doing it for some time before then, too. I don't see it as paranoid, to me it's just good practice (if a bit difficult to manage when you're as large as SL is). Stupid questions I must ask: * Did you actually give them all five prefixes when you were setting up your BGP request (your statement is a little vague on that detail)? * Did you request a copy of the BGP filter they're applying to your circuit(s)? Do they look okay? * What do route servers say about your prefixes/AS? EG, does oregon-ix.net see it as hanging off Sprint? * You are announcing off a loopback address, right? > I'm working through the SprintLink noc/support process but > I'm surprised this hasn't happened to any of their other > customers before now. As has already been said, I'm sure it has... You just have to find the engineers who've dealt with those situations before. A lot of their staff is fairly clueful but they're highly departmentalized. BGP team only does their BGP thing, etc. It can be hard to do proper troubleshooting when one team can only go so far before you're forced to hand off and start the process anew. Your best bet is to start with the obvious (get the BGP config and ACLs they're applying for you) and work your way from there. -jfo Jason "Feren" Olsen DeVry, Inc. Senior Network Engineer One Tower Lane Em: [email protected] Oakbrook Terrace, IL 60181-4624 Ph: 630.645.1607 Fx: 630.382.2929