best practice for advertising peering fabric routes

Niels Bakker niels=nanog at
Wed Jan 15 17:56:27 UTC 2014

* patrick at (Patrick W. Gilmore) [Wed 15 Jan 2014, 04:36 CET]:
>NEVER EVER EVER put an IX prefix into BGP, IGP, or even static 
>route. An IXP LAN should not be reachable from any device not 
>directly attached to that LAN. Period.

This is correct, and protects both your (ISP) infrastructure and the 
IXP's.  All major European IXPs revisited their policy after the giant 
DDoS attack on CloudFlare, and the above was pretty much the outcome.

	-- Niels.

"It's amazing what people will do to get their name on the internet, 
  which is odd, because all you really need is a Blogspot account."
			-- roy edroso,

More information about the NANOG mailing list