Level(3) filtering (was Yahoo outage summary)

• Previous message (by thread): IP Allocations and moving AS numbers
• Next message (by thread): Level(3) filtering (was Yahoo outage summary)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

There is some misinformation in previous posts that I would like to 
clarify on the Level 3 side of things.

Every transit-like connection on AS3356 is prefix-filtered including all 
parties in this event.  On AS3356 all prefix filters and import policies 
on BGP sessions are audited and checked in almost realtime for people or 
system errors (missing, mis-referenced, not referenced, otherwise broken 
config, etc.)  The prefix filters themselves are generated using data from 
Level 3's own registry and known public route registries.  As several 
folks have pointed out there are minimal checks for the validity of the 
source information.

Further details on Level 3 filtering policies are available at:
    whois -h rr.level3.net AS3356 | grep remarks

As an aside I see an increase in the number of downstreams asking for 
as-path filtering or *no* filtering usually with justifications of ISP X 
doesn't require us to register routes or just does as-path filtering.  In 
my opinion that is bad news for everyone as documented in numerous 
BCPs, presentations and route-leaks.

 	-Kevin

Disclaimer - I do work for Level 3 but am expressing my opinions and not 
those of my employer.

• Previous message (by thread): IP Allocations and moving AS numbers
• Next message (by thread): Level(3) filtering (was Yahoo outage summary)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]