North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Is it time to abandon bogon prefix filters?

  • From: Jo Rhett
  • Date: Thu Aug 21 18:01:38 2008

On Aug 20, 2008, at 7:00 AM, Kevin Loch wrote:
It doesn't look like the feasible paths rpf handles the situation where
your bgp customer is not announcing all or any of their prefixes to you.
This can be done for TE or debugging an inbound routing
issue. Announcing prefixes to me and then blackholing the traffic
is not something I would appreciate as a customer.


If you do this (or strict rpf) on BGP customers at least warn them up front
that if they ever stop announcing prefixes to you then traffic they send
you will get dropped.


Clueful BGP admins know how to send their routes with no-advertise on them.

There are fairly good reasons to require your direct customers always advertise their routes to you, even if you won't be readvertising them. uRPF is one. Not paying transit both inbound and out for multi- gig DoS attacks is my favorite. Etc.

--
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source and other randomness