route filtering in large networks
Andy Dills
andy at xecu.net
Thu Mar 13 05:21:10 UTC 2003
On Wed, 12 Mar 2003, Randy Bush wrote:
> > How would the banana eaters screw up applying the same prefix-list
> > outbound to all neighbors?
>
> by spending [some small part of] their time configuring routers as
> opposed to building tools to configure routers demonstratably
> correctly.
>
> when fingers 'touch' routers, bad things are bound to happen sooner
> or later.
I wouldn't disagree with you. It would seem that the more complex the
network, the more automation and abstraction is required. Few would
disagree with that.
But then, if configuration of routers is automated, it would seem even
easier to implement the route filtering. Verio has a history of being a
prefix length nazi, but were they that way about route validity? Plenty of
networks are stringent on what they accept from their customers, but are
they as stringent with the routes they send?
As long as people continue to have unfiltered peers (save for
maximum-prefix), this would seem a reasonable measure of implementing the
principle of being liberal with what you accept and conservative with what
you send.
Andy
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Andy Dills 301-682-9972
Xecunet, LLC www.xecu.net
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Dialup * Webhosting * E-Commerce * High-Speed Access
More information about the NANOG
mailing list