peering requirements (Re: DDOS anecdotes)
Simon Lyall
simon.lyall at ihug.co.nz
Sun Jun 24 03:37:51 UTC 2001
On Sat, 23 Jun 2001, Eric Oosting wrote:
> Under what circumstances would the assumption (that an AS should always
> advertise a route to the source address of packets it transmits) not be a
> good one?
Assymmetrical routing is a good one (see the reference Roland Dobbins
posted for part of the story).
Half the networks here are advertised out of different places from which
the packets leave. This is mainly due to having one way satellite links.
Sure the networks are advertised somewhere, but it's on the other side of
the world (and to a bunch of different providers) from where we send the
packets to you.
Another one we have is a pop with a small link and larger link. To make
some use out of the small link you might advertise only some networks at
the pop. But at the same time outgoing traffic from any of the networks at
that pop may go out that link. Sure you could prepend everything half a
dozen times but some people ignore prepends for directly connected peers
so this won't work (we tried it, we know).
Another point, if people are going to have filters then they MUST have a
quick and easy way for this filters to be changed and to propogate
everywhere quickly. People who insist that you provide an exact list of
what you want to advertise (with the exact prefixes) and then take a week
to process any changes (or 12 hours for that matter) should have prices to
match their discount level of service.
--
Simon Lyall. | Newsmaster | Work: simon.lyall at ihug.co.nz
Senior Network/System Admin | Postmaster | Home: simon at darkmere.gen.nz
ihug, Auckland, NZ | Asst Doorman | Web: http://www.darkmere.gen.nz
More information about the NANOG
mailing list