intra-AS messaging for route leak prevention

Joe Provo nanog-post at rsuc.gweep.net
Wed Jun 8 12:48:11 UTC 2016


On Wed, Jun 08, 2016 at 11:48:36AM +0000, Sriram, Kotikalapudi (Fed) wrote:
> Thanks for the inputs about the inter-AS messaging and route-leak prevention
> techniques between neighboring ASes. Certainly helpful information and also useful
> for the draft (draft-ietf-idr-route-leak-detection-mitigation).
> 
> However, my question was focused on "intra-AS" messaging.
> About conveying from ingress to egress router (within your AS),
> the info regarding the type of peer from which the route was received at ingress.
> This info is used at the egress router to avoid leaking a route.
> 
> Question: Is the "common practice" described in the original message
> http://mailman.nanog.org/pipermail/nanog/2016-June/086242.html  (see the stuff in quotes)
> sufficient or are there other ways in common use in which network operators 
> convey the said information from ingress to egress router?
 
"There are more routing policies in heaven and earth, Sriram
 Than are dreamt of in your draft."

But in my experience, community tagging is by far the widest 
deployment due to the broad support and extent of information 
which can be carried.  It is useful to note that AS_PATH is 
often also involved on egress decisions. 

The sadness is that some platforms' processing of prefixes 
and policies coupled with certain operational practices mean 
we still see leaks beyond intended scope during maintenance 
windows.

cheers!

Joe

-- 
        RSUC / GweepNet / Spunk / FnB / CotSG / Usenix / NANOG
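
The ingress-tag / egress-filter pattern discussed in this thread, modelled as an added example that is not part of the original post: the ingress policy stamps each route with a community for the neighbor type, and the egress policy exports only customer-tagged routes to peers and upstreams, with an AS_PATH check as a second test. AS 64500, the community values, the sample routes and the upstream ASN list are all constructed assumptions.

```python
# Added illustration; AS 64500 and the community values are constructed.
LOCAL_AS = 64500
ROLE_COMMUNITY = {
    "customer": (LOCAL_AS, 100),
    "peer": (LOCAL_AS, 200),
    "upstream": (LOCAL_AS, 300),
}
ROLE_TAGS = frozenset(ROLE_COMMUNITY.values())


def ingress_tag(route, neighbor_role):
    """Ingress: drop role tags the neighbor sent, then stamp our own."""
    kept = {c for c in route["communities"] if c not in ROLE_TAGS}
    return {**route, "communities": kept | {ROLE_COMMUNITY[neighbor_role]}}


def egress_permit(route, neighbor_role, upstream_asns=frozenset()):
    """Egress: may this route be advertised to a neighbor of this role?"""
    if neighbor_role == "customer":
        return True  # customers receive the full table
    tags = route["communities"] & ROLE_TAGS
    # Toward peers and upstreams only customer-learned routes may leave.
    # Untagged or multiply tagged routes fail closed.
    if tags != {ROLE_COMMUNITY["customer"]}:
        return False
    # Second check on AS_PATH: a "customer" route that transits a known
    # upstream ASN is treated as a leak the customer passed along.
    return not (set(route["as_path"]) & set(upstream_asns))


# Constructed sample routes (documentation prefixes and ASNs).
FROM_CUSTOMER = {"prefix": "192.0.2.0/24", "as_path": [64501],
                 "communities": set()}
FROM_PEER = {"prefix": "198.51.100.0/24", "as_path": [64502, 64510],
             "communities": {(LOCAL_AS, 100)}}  # forged customer tag
LEAKED = {"prefix": "203.0.113.0/24", "as_path": [64501, 64511, 64509],
          "communities": set()}
UPSTREAMS = {64511}

if __name__ == "__main__":
    for name, route, role in [("customer", FROM_CUSTOMER, "customer"),
                              ("peer", FROM_PEER, "peer"),
                              ("leaked", LEAKED, "customer")]:
        tagged = ingress_tag(route, role)
        print(name, {r: egress_permit(tagged, r, UPSTREAMS)
                     for r in ("customer", "peer", "upstream")})
```

A route that reaches the egress policy with no role tag at all is denied toward peers and upstreams, so a router whose ingress policy was not applied does not export by default.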
