IXP

• Previous message (by thread): IXP
• Next message (by thread): IXP
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

If you are unfortunate enough to have to peer at a public exchange
point, put your public ports into a vrf that has your routes. Default
will be suboptimal to debug.

I must say stephen and vixie and (how hard this is to type) even
richard steenbergens methodology makes the most sense going forward.
Mostly to prevent self-inflicted harm on parts of the exchange
participants. Will it work? Doubtful in todays internet clue level

/vijay

On 4/18/09, Jeff Young <young at jsyoung.net> wrote:
> Best solution I ever saw to an 'unintended' third-party
> peering was devised by a pretty brilliant guy (who can
> pipe up if he's listening).  When he discovered traffic
> loads coming from non-peers he'd drop in an ACL that
> blocked everything except ICMP - then tell the NOC to
> route the call to his desk with the third party finally gave
> up troubleshooting and called in...
>
> fun memories of the NAPs...
>
> jy
>
>
> On Apr 18, 2009, at 11:35 AM, Nick Hilliard wrote:
>
>> On 18/04/2009 01:08, Paul Vixie wrote:
>>> i've spent more than several late nights and long weekends dealing
>>> with
>>> the problems of shared multiaccess IXP networks.  broadcast storms,
>>> poisoned ARP, pointing default, unintended third party BGP,
>>> unintended
>>> spanning tree, semitranslucent loops, unauthorized IXP LAN
>>> extension...
>>> all to watch the largest flows move off to PNI as soon as somebody's
>>> port was getting full.
>>
>
>

-- 
Sent from my mobile device

• Previous message (by thread): IXP
• Next message (by thread): IXP
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]