Route leak in Bangladesh

• Previous message (by thread): Route leak in Bangladesh
• Next message (by thread): Route leak in Bangladesh
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 30/06/2015 14:29, Mark Tinka wrote:
>     - Get your downstreams to create route objects before you turn them up.
>     - Get your provisioning teams to validate the prefixes being
> provided by your downstreams.
>     - Use both prefix- and AS_PATH-based filters for your downstreams.
>     - Use BGP communities (as you've stated).
>     - No exceptions.

plus:

- fully automate ingress prefix management
- use maxprefixes with manual reenable on all ebgp sessions

I've been caught with fully automated IRR based per-session prefix
filtering where the customer put the IXP AS macro into their AS macro.

When the customer did a 7007 on this, we accepted everything that they
announced back to us, oy vey.

So you need both.

Nick

• Previous message (by thread): Route leak in Bangladesh
• Next message (by thread): Route leak in Bangladesh
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]