route filtering in large networks

• Previous message (by thread): route filtering in large networks
• Next message (by thread): route filtering in large networks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 12 Mar 2003, Randy Bush wrote:

> > How would the banana eaters screw up applying the same prefix-list
> > outbound to all neighbors?
>
> by spending [some small part of] their time configuring routers as
> opposed to building tools to configure routers demonstratably
> correctly.
>
> when fingers 'touch' routers, bad things are bound to happen sooner
> or later.

I wouldn't disagree with you. It would seem that the more complex the
network, the more automation and abstraction is required. Few would
disagree with that.

But then, if configuration of routers is automated, it would seem even
easier to implement the route filtering. Verio has a history of being a
prefix length nazi, but were they that way about route validity? Plenty of
networks are stringent on what they accept from their customers, but are
they as stringent with the routes they send?

As long as people continue to have unfiltered peers (save for
maximum-prefix), this would seem a reasonable measure of implementing the
principle of being liberal with what you accept and conservative with what
you send.

Andy

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Andy Dills                              301-682-9972
Xecunet, LLC                            www.xecu.net
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Dialup * Webhosting * E-Commerce * High-Speed Access

• Previous message (by thread): route filtering in large networks
• Next message (by thread): route filtering in large networks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]