Filter on IXP

• Previous message (by thread): Any experience with Comcast digital voice for OOB (offlist is fine)
• Next message (by thread): Filter on IXP
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> On the other hand, if a member provides transit, he will add its 
> customer prefixes to RaDB / RIPEdb with appropriate route 
> objects and the ACL will be updated accordingly. Shouldn't break there. 

And that's a really nice side effect.

However in case of transit providers the problem is that RaDB /RIPE lists what prefixes you are allowed to advertise. 
But that does not necessarily fully match with what source IPs can leave your network. 
I mean ISP-A can have a customer that uses PA range of other ISP-B and only has a static route towards ISP-A for some TE purposes. 
I'm not well versed with RIPE myself so I'm not sure whether there's a way to handle this situation. 

adam
-----Original Message-----
From: Jérôme Nicolle [mailto:jerome at ceriz.fr] 
Sent: Friday, February 28, 2014 6:03 PM
To: Nick Hilliard; nanog at nanog.org
Subject: Re: Filter on IXP

Le 28/02/2014 17:52, Nick Hilliard a écrit :
> this will break horribly as soon as you have an IXP member which 
> provides transit to other multihomed networks.

It could break if filters are based on announced prefixes. That's preciselly why uRPF is often useless.

On the other hand, if a member provides transit, he will add its customer prefixes to RaDB / RIPEdb with appropriate route objects and the ACL will be updated accordingly. Shouldn't break there.

--
Jérôme Nicolle
+33 6 19 31 27 14

• Previous message (by thread): Any experience with Comcast digital voice for OOB (offlist is fine)
• Next message (by thread): Filter on IXP
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]