HE.net BGP origin attribute rewriting

Daniel Suchy danny at danysek.cz
Sat Jun 2 07:27:36 UTC 2012


On 06/02/2012 02:53 AM, Joe Provo wrote:
> Cost and performance were merely two reasons someone may wish to prevent
> remote parties from using origin to influence outbound traffic from my 
> network. 
As I mentioned already, it will influence that in another way. And this
costs *you* more money - you have to pay for routers with larger TCAMs,
more memory, faster CPUs... and yes, deaggregation is a very simple task
for the originating network - much easier than playing with the origin flag,
which is not widely understood.

> I can state it is not imagination when I encountered networks
> doing this in the past for prefixes they were sourcing. To be clear - 
> these were prefixes being sourced by a neighbor who was providing 
> different origin codes on different sessions. Either they were [to
> Nick Hilliard's point] using different kit and unaware of the different
> implementations or [as evidence bore out] purposefully shifting traffic
> without arrangement on links that were worse for me and in violation 
> of the agreement we entered into when peering.

A more specific prefix in addition to the aggregate one, visible only over
specific peers, will do the job, too. And will do that job better... but
at what cost (not only to you)...?

> There certainly were historical reasons for treating origin as sacrosanct.
> Time has marched on and those reasons are now *historical*, hence the 
> quite reasonable update to the RFC. You seem to fail to understand that
> MED comes after origin on the decision tree, and therefore someone can 
> influence traffic carriage without agreement.

You seem to fail to realize other (easier) ways to influence traffic
carriage. Deaggregation with selective route announcement is quite a
common way; many networks do that.

- Daniel
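
Added example (not part of the original message, and not any router vendor's code): a simplified Python model of the two mechanisms argued over in this thread, ORIGIN being compared before MED in best-path selection, and a more-specific prefix winning by longest-prefix match before any attribute is compared. The `Route` fields, the link names, the MED values and the prefixes are constructed for illustration, and the tie-break is reduced to four steps of the real decision process.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network

# ORIGIN preference per RFC 4271: IGP < EGP < INCOMPLETE (lower wins).
ORIGIN_RANK = {"IGP": 0, "EGP": 1, "INCOMPLETE": 2}

@dataclass(frozen=True)
class Route:
    prefix: str        # announced prefix
    session: str       # hypothetical name of the peering link it arrived on
    origin: str        # ORIGIN attribute as received
    med: int           # MED, lower wins, compared only after ORIGIN
    local_pref: int = 100
    as_path_len: int = 1

def best_path(routes):
    """Simplified tie-break: LOCAL_PREF, AS_PATH length, ORIGIN, then MED."""
    return min(routes, key=lambda r: (-r.local_pref, r.as_path_len,
                                      ORIGIN_RANK[r.origin], r.med))

def rewrite_origin(routes, origin="IGP"):
    """Ingress policy: overwrite ORIGIN so the neighbor cannot use it as a knob."""
    return [replace(r, origin=origin) for r in routes]

def egress_link(routes, dst):
    """Longest-prefix match first; best-path selection only among equal-length routes."""
    addr = ip_address(dst)
    covering = [r for r in routes if addr in ip_network(r.prefix)]
    if not covering:
        return None
    longest = max(ip_network(r.prefix).prefixlen for r in covering)
    return best_path([r for r in covering
                      if ip_network(r.prefix).prefixlen == longest]).session

# Constructed sample: one neighbor, two sessions, documentation prefixes (RFC 5737).
AGGREGATE = [
    Route("198.51.100.0/24", "link-A", "INCOMPLETE", med=10),
    Route("198.51.100.0/24", "link-B", "IGP", med=20),
]
MORE_SPECIFIC = Route("198.51.100.0/25", "link-B", "IGP", med=20)

if __name__ == "__main__":
    print(egress_link(AGGREGATE, "198.51.100.200"))                  # ORIGIN beats MED
    print(egress_link(rewrite_origin(AGGREGATE), "198.51.100.200"))  # MED decides
    cleaned = rewrite_origin(AGGREGATE + [MORE_SPECIFIC])
    print(egress_link(cleaned, "198.51.100.10"))   # /25 wins regardless of attributes
    print(egress_link(cleaned, "198.51.100.200"))  # only the /24 covers this address
```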



