Route table growth and hardware limits...talk to the filter

• Previous message (by thread): Route table growth and hardware limits...talk to the filter
• Next message (by thread): Route table growth and hardware limits...talk to the filter
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I oppose wholesale filtering by allocation size policy as an acceptable
metric for reducing your RIB.

There are legitimate reasons to announce only /24s within a /21 or /22 PI
allocation, for example.  Perhaps an org has diverse networks in multiple
cities and doesn't want to be beholden to upstream PA space.  One may argue,
"build a proper network, noob," but there may not be a business case for
sufficient interconnect between sites to have a consistent origin AS.

If one could filter in such a way that one only aggregated prefixes back to
their allocated size when the AS path (or even origin AS) is the same, then
you won't be breaking anyone, and will put the kibosh on the noobs who deagg
for no good reason (but no vendor is giving us a 'filter-stupid' knob yet).

Filtering/aggregating outside your local RIR seems like a better plan to me
(for some networks, anyway).  You're a whole lot less likely to have a
bad/missing path, and you still have sufficient knobs to engineer most
outbound flows.

-Kevin Blackham
 (recently moved from provider to end network using non-XL PFC)

On 9/10/07, Stephen Sprunk <stephen at sprunk.org> wrote:
>
>
> Thus spake "Kevin Loch" <kloch at kl.net>
> > Stephen Sprunk wrote:
> >> Sucks to be them.  If they do not have enough PA space to meet
> >> the RIR minima, the community has decided they're not "worthy"
> >> of a slot in the DFZ by denying them PI space.
> >
> > Not true, there is an ARIN policy that allows you to get a /24 from
> > one of your providers even if you only need 1 IP address:
> >
> > NPRM 4.2.3.6
> >
> > "This policy allows a downstream customer's multihoming
> > requirement to serve as justification for a /24 reassignment from
> > their upstream ISP, regardless of host requirements."
> >
> > http://www.arin.net/policy/nrpm.html
>
> If the PA /24 is under 199/8 or 204-207/8, then the filters being
> discussed
> would allow their advertisement through, because ARIN's minimum allocation
> for those blocks is /24.  In ARIN's 22 other /8s, the filters would not
> because the minimum is /20 (or /22, for 208/8).
>
> Let's also keep in mind that if other folks block a PA more-specific, the
> site doesn't lose connectivity unless they lose their upstream connection
> to
> the LIR that assigned them the block.  I suspect that many of them already
> see that behavior today, at least partially; we're really discussing
> making
> it a near-complete outage versus a semi-outage.  That's life if you don't
> qualify for a real routing slot via PI.
>
> S
>
> Stephen Sprunk         "God does not play dice."  --Albert Einstein
> CCIE #3723         "God is an inveterate gambler, and He throws the
> K5SSS        dice at every possible opportunity." --Stephen Hawking
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20070910/04808fa0/attachment.html>

• Previous message (by thread): Route table growth and hardware limits...talk to the filter
• Next message (by thread): Route table growth and hardware limits...talk to the filter
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]