HE.net BGP origin attribute rewriting
Richard A Steenbergen
ras at e-gerbil.net
Thu May 31 17:22:16 UTC 2012
On Thu, May 31, 2012 at 12:21:12PM -0400, Keegan Holley wrote:
> The internet by definition is a network of network so no one entity
> can keep traffic segregated to their network. Modifying someone else
> routing advertisements without their consent is just as bad as
> filtering them in my opinion. Doing so to move traffic into your AS
> in order to gain an advantage in peering arrangements and make more
> money off of the end user is just dastardly.
There was one particularly (in)famous network *coughpeer1cough* which
was well known for selectively rewriting the origin codes towards their
peers a few years back. For example, if traffic was going to New York,
they would advertise the prefix with IGP in New York, and Incomplete
everywhere else, forcing other networks to haul the traffic to New York.
This is a violation of most peering agreements, which require consistent
advertisements unless otherwise agreed, but it was just sneaky enough
that it flew under the radar of most folks for quite a while. When it
was finally noticed and they refused to stop doing it when asked, a few
folks just depeered them, but a bunch of others just "solved the
problem" by rewriting the origin codes. This is why you still see a lot
of rewriting happening today by default, to avoid a repeat of the same
issue.
Personally I was of the opinion that the correct solution to this
particular problem was just to terminate the peering relationship, but
honestly Origin code is a pretty useless attribute in the modern
Internet, and it exists today only because it's impossible to take it
out of the protocol. I don't see anyone complaining when we rewrite
someone else's MEDs, sometimes as a trick to move traffic onto your
network (*), or even that big of a complaint when we remove another
networks' communities, so I don't see why anyone cares about this one.
Maybe a "better" fix would be a local knob to ignore Origin code in the
best path decision without having to modify it. Start asking your
vendors for it now, maybe it'll show up around 2017... :)
(*) I've seen a lot of inexperienced BGP speaking customers be very
upset that they can't "send any traffic using natural bgp" (yes, there
appears to be some kind of delusion running around that modifying BGP
attributes to influence path selection is bad... What's next, "organic
routes, not from concentrate"? :P), which in the end turned out to be us
sending the customer MEDs based on our IGP cost, other networks sending
them MEDs of 0, and them not knowing enough to do something useful with
the data or else rewrite it to 0.
--
Richard A Steenbergen <ras at e-gerbil.net> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
More information about the NANOG
mailing list