BGP Path Filtering

Joe Abley jabley at isc.org
Sat May 17 00:20:39 UTC 2003


On Friday, May 16, 2003, at 20:00 Canada/Eastern, Sean Donelan wrote:

> Small ISPs with only a few eBGP neighbors (i.e. less than a dozen) and
> a few network prefixes (i.e. less than a 100) probablly should stick 
> with
> hardcoded, explicit prefix and as-path filters.  Coordinate the 
> occasional
> updates to the filters with your upstreams (since they should be
> filtering your announcements on ingress anyway).  You are less likely 
> to
> mess things up, and its simplier to understand if another network
> engineer needs to debug things later.

Having being involved in cleaning up the networks of many small ISPs 
(by your definition of small) after they have been deployed by people 
long since departed, I completely disagree with your last sentence.

Maybe complexity is in the eye of the beholder, but ISPs which classify 
the routes they carry according to origin using community string 
attributes are much easier to debug and understand than those who 
specify their exit policy using hard-coded prefix and as-path filters 
all over the place.

I don't think "start messy and clean up later" is good advice. Do it 
right the first time, and grow smoothly without difficult migrations.


Joe




More information about the NANOG mailing list