HE.net BGP origin attribute rewriting

Richard A Steenbergen ras at e-gerbil.net
Thu May 31 17:22:16 UTC 2012


On Thu, May 31, 2012 at 12:21:12PM -0400, Keegan Holley wrote:
> The internet by definition is a network of networks so no one entity 
> can keep traffic segregated to their network.  Modifying someone else's 
> routing advertisements without their consent is just as bad as 
> filtering them in my opinion.  Doing so to move traffic into your AS 
> in order to gain an advantage in peering arrangements and make more 
> money off of the end user is just dastardly.

There was one particularly (in)famous network *coughpeer1cough* which 
was well known for selectively rewriting the origin codes towards their 
peers a few years back. For example, if traffic was going to New York, 
they would advertise the prefix with IGP in New York, and Incomplete 
everywhere else, forcing other networks to haul the traffic to New York. 
This is a violation of most peering agreements, which require consistent 
advertisements unless otherwise agreed, but it was just sneaky enough 
that it flew under the radar of most folks for quite a while. When it 
was finally noticed and they refused to stop doing it when asked, a few 
folks just depeered them, but a bunch of others just "solved the 
problem" by rewriting the origin codes. This is why you still see a lot 
of rewriting happening today by default, to avoid a repeat of the same 
issue.

Personally I was of the opinion that the correct solution to this 
particular problem was just to terminate the peering relationship, but 
honestly Origin code is a pretty useless attribute in the modern 
Internet, and it exists today only because it's impossible to take it 
out of the protocol. I don't see anyone complaining when we rewrite 
someone else's MEDs, sometimes as a trick to move traffic onto your 
network (*), or even that big of a complaint when we remove another 
network's communities, so I don't see why anyone cares about this one.

Maybe a "better" fix would be a local knob to ignore Origin code in the 
best path decision without having to modify it. Start asking your 
vendors for it now, maybe it'll show up around 2017... :)

(*) I've seen a lot of inexperienced BGP-speaking customers be very 
upset that they can't "send any traffic using natural bgp" (yes, there 
appears to be some kind of delusion running around that modifying BGP 
attributes to influence path selection is bad... What's next, "organic 
routes, not from concentrate"? :P), which in the end turned out to be us 
sending the customer MEDs based on our IGP cost, other networks sending 
them MEDs of 0, and them not knowing enough to do something useful with 
the data or else rewrite it to 0.

-- 
Richard A Steenbergen <ras at e-gerbil.net>       http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
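
The selective origin advertisement described in the message above, as an added example that is not part of the original post: it flags prefixes that one peer announces with different origin codes at different peering sites, and shows how a router's exit choice changes once origin is ignored or rewritten to a single value. Site names, prefixes, IGP costs and the ignore_origin parameter are constructed for illustration, and the best-path logic is a simplified subset of the real decision process.

```python
from collections import defaultdict

# Origin preference in BGP best-path selection: lower rank wins (RFC 4271).
ORIGIN_RANK = {"IGP": 0, "EGP": 1, "INCOMPLETE": 2}

# Constructed sample: the same peer's advertisements as received at three
# peering sites. Prefixes are documentation ranges, not real routes.
ROUTES = [
    {"prefix": "192.0.2.0/24", "site": "NYC", "origin": "IGP", "as_path_len": 2, "med": 0},
    {"prefix": "192.0.2.0/24", "site": "CHI", "origin": "INCOMPLETE", "as_path_len": 2, "med": 0},
    {"prefix": "192.0.2.0/24", "site": "SJC", "origin": "INCOMPLETE", "as_path_len": 2, "med": 0},
    {"prefix": "198.51.100.0/24", "site": "NYC", "origin": "IGP", "as_path_len": 2, "med": 0},
    {"prefix": "198.51.100.0/24", "site": "CHI", "origin": "IGP", "as_path_len": 2, "med": 0},
    {"prefix": "198.51.100.0/24", "site": "SJC", "origin": "IGP", "as_path_len": 2, "med": 0},
]

def inconsistent_origins(routes):
    """Return {prefix: {site: origin}} for prefixes whose origin differs by site."""
    seen = defaultdict(dict)
    for r in routes:
        seen[r["prefix"]][r["site"]] = r["origin"]
    return {p: sites for p, sites in seen.items() if len(set(sites.values())) > 1}

def best_exit(routes, prefix, igp_cost, ignore_origin=False):
    """Pick the exit site for one router; local-pref is assumed equal.

    Simplified tie-break order: AS-path length, origin, MED, IGP cost to exit.
    ignore_origin=True models rewriting origin to one value on ingress
    (or a hypothetical "ignore origin" knob).
    """
    def key(r):
        origin = 0 if ignore_origin else ORIGIN_RANK[r["origin"]]
        return (r["as_path_len"], origin, r["med"], igp_cost[r["site"]])
    candidates = [r for r in routes if r["prefix"] == prefix]
    return min(candidates, key=key)["site"]

# Constructed IGP costs from a router in San Jose to each peering site.
SJC_ROUTER_COST = {"NYC": 300, "CHI": 200, "SJC": 10}

if __name__ == "__main__":
    for prefix, sites in inconsistent_origins(ROUTES).items():
        print("inconsistent origin:", prefix, sites)
    for flag in (False, True):
        print("ignore_origin =", flag, "->",
              best_exit(ROUTES, "192.0.2.0/24", SJC_ROUTER_COST, flag))
```

With origin honoured, the San Jose router hauls traffic for 192.0.2.0/24 to NYC despite the local exit; with origin neutralised, the IGP cost decides and the traffic leaves at SJC.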



