HE.net BGP origin attribute rewriting

Keegan Holley keegan.holley at sungard.com
Thu May 31 20:02:01 UTC 2012


2012/5/31 Richard A Steenbergen <ras at e-gerbil.net>

> On Thu, May 31, 2012 at 12:21:12PM -0400, Keegan Holley wrote:
> > The internet by definition is a network of networks so no one entity
> > can keep traffic segregated to their network.  Modifying someone else's
> > routing advertisements without their consent is just as bad as
> > filtering them in my opinion.  Doing so to move traffic into your AS
> > in order to gain an advantage in peering arrangements and make more
> > money off of the end user is just dastardly.
>
> There was one particularly (in)famous network *coughpeer1cough* which
> was well known for selectively rewriting the origin codes towards their
> peers a few years back. For example, if traffic was going to New York,
> they would advertise the prefix with IGP in New York, and Incomplete
> everywhere else, forcing other networks to haul the traffic to New York.
> This is a violation of most peering agreements, which require consistent
> advertisements unless otherwise agreed, but it was just sneaky enough
> that it flew under the radar of most folks for quite a while. When it
> was finally noticed and they refused to stop doing it when asked, a few
> folks just depeered them, but a bunch of others just "solved the
> problem" by rewriting the origin codes. This is why you still see a lot
> of rewriting happening today by default, to avoid a repeat of the same
> issue.
>
> Personally I was of the opinion that the correct solution to this
> particular problem was just to terminate the peering relationship, but
> honestly Origin code is a pretty useless attribute in the modern
> Internet, and it exists today only because it's impossible to take it
> out of the protocol. I don't see anyone complaining when we rewrite
> someone else's MEDs, sometimes as a trick to move traffic onto your
> network (*), or even that big of a complaint when we remove another
> network's communities, so I don't see why anyone cares about this one.
>

It's hard to catch when someone is modifying your advertisements.  Also, I
don't expect MED to be compared globally since different networks will
handle it differently so chances are I'm just using it to control traffic to
and from a directly connected ISP.  If you rewrite it to do the same thing
with your upstreams I probably won't care as long as latency and hop count
remain reasonable.  That being said I've seen an upstream mess with
local-pref in their AS and then again upstream from them and began pulling
traffic literally into a different country.  That IMHO is egregious.


> Maybe a "better" fix would be a local knob to ignore Origin code in the
> best path decision without having to modify it. Start asking your
> vendors for it now, maybe it'll show up around 2017... :)
>

I still think it would be cool if BGP had an AS topology database of some
sort, but that's too expensive.  Most BGP policies are not very
deterministic in my experience.

>
> (*) I've seen a lot of inexperienced BGP speaking customers be very
> upset that they can't "send any traffic using natural bgp" (yes, there
> appears to be some kind of delusion running around that modifying BGP
> attributes to influence path selection is bad... What's next, "organic
> routes, not from concentrate"? :P), which in the end turned out to be us
> sending the customer MEDs based on our IGP cost, other networks sending
> them MEDs of 0, and them not knowing enough to do something useful with
> the data or else rewrite it to 0.
>
>
Well less than ten years ago I remember hearing that BGP was only for ISPs
or very large enterprises and most people should try to run an IGP only.  I
still hear from companies who are nervous about running BGP with a private
MPLS provider.  Old habits die hard I guess..
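
The following is an added example, not part of the original message or of any vendor's code. It models the selective origin rewriting described in the quoted text with a simplified best-path order (local-pref, AS-path length, origin, MED, IGP cost), flags a peer's inconsistent advertisements, and shows the ingress rewrite used as a fix; the prefixes, session names and costs are constructed.

```python
# Added example: simplified BGP best-path selection on constructed routes.
from dataclasses import dataclass, replace

ORIGIN_RANK = {"IGP": 0, "EGP": 1, "INCOMPLETE": 2}  # lower rank is preferred

@dataclass(frozen=True)
class Path:
    prefix: str
    session: str      # peering location where the route was learned
    local_pref: int
    as_path_len: int
    origin: str
    med: int
    igp_cost: int     # our internal cost to reach that exit

def best_path(paths):
    """Simplified order: local-pref, AS-path length, origin, MED, IGP cost."""
    return min(paths, key=lambda p: (-p.local_pref, p.as_path_len,
                                     ORIGIN_RANK[p.origin], p.med, p.igp_cost))

def exits(paths):
    """Return the chosen exit session for each prefix."""
    by_prefix = {}
    for p in paths:
        by_prefix.setdefault(p.prefix, []).append(p)
    return {pfx: best_path(ps).session for pfx, ps in by_prefix.items()}

def inconsistent_origins(paths):
    """Prefixes the peer advertises with different origin codes per session."""
    seen = {}
    for p in paths:
        seen.setdefault(p.prefix, set()).add(p.origin)
    return sorted(pfx for pfx, origins in seen.items() if len(origins) > 1)

def normalize_origin(paths, origin="IGP"):
    """Ingress policy: overwrite origin so it cannot influence selection."""
    return [replace(p, origin=origin) for p in paths]

# Constructed routes from one peer, as seen by a router in Los Angeles.
ROUTES = [
    Path("192.0.2.0/24", "new-york", 100, 2, "IGP", 0, 70),
    Path("192.0.2.0/24", "los-angeles", 100, 2, "INCOMPLETE", 0, 5),
    Path("198.51.100.0/24", "new-york", 100, 2, "IGP", 0, 70),
    Path("198.51.100.0/24", "los-angeles", 100, 2, "IGP", 0, 5),
]

if __name__ == "__main__":
    print("as received:   ", exits(ROUTES))
    print("inconsistent:  ", inconsistent_origins(ROUTES))
    print("after rewrite: ", exits(normalize_origin(ROUTES)))
```

Because origin is compared before MED and IGP cost, the inconsistently advertised prefix exits in New York despite the much closer Los Angeles session, and normalizing origin on ingress restores the nearest exit.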


