6453 routing leaks (January and Today)

Richard A Steenbergen ras at e-gerbil.net
Fri Feb 25 11:51:45 CST 2011


On Fri, Feb 25, 2011 at 07:22:36AM -0500, Jared Mauch wrote:
> Update:
> 
> I have had a source ask me to post the following:
> 
> -- snip --
> The problem with route leaking was caused by specific routing platform 
> resulting in some peer routes not being properly tagged.
> We are deploying additional measures to prevent this from happening in 
> the future
> -- snip --

Hopefully someone learned a lesson about BGP community design, and how 
it should fail safe by NOT leaking if you accidentally fail to tag a 
route. Always require a positive match on a route to advertise to peers, 
not the absence of a negative match.

-- 
Richard A Steenbergen <ras at e-gerbil.net>       http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)




More information about the NANOG mailing list