Route leak in Bangladesh

• Previous message (by thread): Route leak in Bangladesh
• Next message (by thread): Route leak in Bangladesh
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jun 30, 2015 at 09:44:12AM -0400, Joe Abley wrote:
> On 30 Jun 2015, at 9:41, Job Snijders wrote:
> >In addition to the BGP community scheme, outbound as-path filters could
> >help.
> 
> I agree, but possibly not in the case of a redistribution loop.
> 
> (We don't know that's what happened, exactly, but I thought it was worth
> mentioning.)

Joe, you are right.

In this specific situation, for a small to medium sized network, it
might be prudent to apply an outbound prefix-filter on all transit &
peering sessions and thus only allowing prefixes which actually belong
to downstream customers and the network itself.

One could generate that prefix-list based on the network's AS-SET. I
wouldn't deploy /only/ outbound prefix-filters. This method should be
viewed as complementary to other methods such as the already mentioned a
BGP community scheme.

Kind regards,

Job

• Previous message (by thread): Route leak in Bangladesh
• Next message (by thread): Route leak in Bangladesh
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]