question about AS relationship

Song Li refresh.lsong at gmail.com
Fri Feb 21 06:57:07 UTC 2014 

                 +----------+  +---------+
                 | provider1|  |provider2|
                 +----------+  +---------+
                        ^       ^
                        |       |
                        |       |
        +--------+     ++-------++    +----------+
        |peer AS2+-----+  AS 1   +----+peer AS3  |
        +--------+     +---------+    +----------+
                        ^       ^
                        |       |
              +------------+  +-------------+
              |customer AS4|  |customer AS5 |
              +------------+  +-------------+
um....

sorry, my question is:

the AS relationship between AS1 and AS2/3 is peer, and AS1 cannot 
announce routes from AS3 to provider1 by rule. But if AS1 do it, and the 
realtionship between AS1 and AS3 is invisible to provider1, how can 
provider1 detect this route leak without knowing the privacy?

In other words, could the business relationship between AS1 and AS3 be 
known to provider1/2?

Thanks.

Sky li

>
> perhaps you should draw a little ascii art, I think you're asking:
>
> DS1 - customer - you - isp
>
> "can DS1's relationship to 'customer' be secret"
>
> no. well, not if they want:
>    1) to use a public ASN
>    2) use ip space which isn't part of 'customer' aggregate
>    3) want to be reachable on the internet
>
> It's safe to say that your goal as an ISP and a customer of an ISP, should be:
>    "Make sure that all of my routes and the routes of my customers and
> their customers, that I'm expected to provide transit for, are in my
> ISP's filters."
>
> -chris
> (and as someelse pointed out: "If they use BGP and expect global
> reachabilty... then the information isn't private anyway.")
>
>> --
>> Sky Li
>>
>>
>>> On Thursday, February 20, 2014 08:09:35 PM Christopher
>>> Morrow wrote:
>>>
>>>>
>>>> so, yes. pleass tell your upstream your customers so
>>>> proper filtering can be automated and implemented.
>>>>
>>>> don't turn up bgp customers without filtering, that kills
>>>> kittens.
>>>
>>> For all the leaking I've seen in the last four weeks
>>> (including a well-known operator that was involved in the
>>> Youtube/Pakistan saga + other well-known global operators
>>> that could be classified as "a reasonably large tier"),
>>> we're still a long way away ensuring all customer prefixes
>>> are filtered correctly at the inter-domain peering edge. A
>>> loooooooong way away...
>>>
>>> Mark.
>>
>>
>>

More information about the NANOG mailing list