Location of upstream connections & BGP templates

• Previous message (by thread): Location of upstream connections & BGP templates
• Next message (by thread): Location of upstream connections & BGP templates
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ditto

Sent from my iPhone

On Feb 17, 2010, at 7:38 PM, "Scott Weeks" <surfer at mauigateway.com>  
wrote:

>
>
> --- steve at ibctech.ca wrote:
> From: Steve Bertrand <steve at ibctech.ca>
>
> layered. My thinking is that my 'upstream' connections should be moved
> out of the core, and onto the edge. My reasoning for this is so that I
>
> What do other providers do? Are your transit peers connected  
> directly to
> the core? I can understand such a setup for transit-only providers,  
> but
> --------------------------------------------
>
>
> Border, core, access.
>
> Border routers only connect the core to the upstreams.  They do  
> nothing else.  No acls, just prefix filters.  For example, block  
> 1918 space from leaving your network.  Block other bad stuff from  
> leaving your network too.  Allow in only what you're expecting from  
> the upstream; again 1918 space, etc.  They can fat finger like  
> anyone else.
>
> Core is for moving bits as efficiently as possible: no acls; no  
> filters.
>
> Connect downstream BGP customers to access routers that participate  
> in the iBGP mesh.  Filter them only allowing what they're supposed  
> to advertise.  They'll mess it up a lot if they're like my customers  
> by announcing everything under the sun.  Filter what you're  
> announcing to them.  You can fat finger just as well as anyone  
> else.  ;-)
>
> scott
>

• Previous message (by thread): Location of upstream connections & BGP templates
• Next message (by thread): Location of upstream connections & BGP templates
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]