Route leak in Bangladesh

• Previous message (by thread): Route leak in Bangladesh
• Next message (by thread): Route leak in Bangladesh
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 01/07/2015 16:02, Mark Tinka wrote:
> Honestly, I'm ambivalent about using the IRR data for prefix-list
> generation (even without RPSL), also because of how much junk there is
> in there, and also how redundant some of it really is, e.g., someone
> creating a /32 (IPv4) route object and yet we only accept up to a /24
> (IPv4) on the actual eBGP session, e.t.c.

We went through this a couple of years ago at INEX and ended up with a
provisioning system which allows the operator to only allow specific IRRDB
source: entries, customisable per customer.  You're right that it would be
foolish to accept any IRRDB source because a lot of them are complete trash.

Otherwise, it works incredibly well for us and has stopped innumerable
prefix leaks and other silly misconfigs.

The source code is available on github.com/inex.  Lots of IXPs use it in
production.

Nick

• Previous message (by thread): Route leak in Bangladesh
• Next message (by thread): Route leak in Bangladesh
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]