intra-AS messaging for route leak prevention

Job Snijders job at instituut.net
Mon Jun 6 15:54:18 UTC 2016


On Mon, Jun 06, 2016 at 11:41:52AM +0000, Sriram, Kotikalapudi (Fed) wrote:
> I am a co-author on a route-leak detection/mitigation/prevention draft 
> in the IDR WG in the IETF:
> https://tools.ietf.org/html/draft-ietf-idr-route-leak-detection-mitigation-03  
> 
> Question: Are there other means of conveying this information 
> in common use today (i.e. for prevention of route leaks)?  

There is the "human network" approach, where operators share information
with each other which can be used to generate config to help block
"unlikely" announcements from eBGP neighbors.

For instance AT&T and NTT agreed (through email) that there should be no
intermediate networks between 2914 & 7018, therefore NTT blocks
announcements that match as-path-regexp '_7018_' on any and all eBGP
sessions, except the direct sessions with 7018. NTT calls this concept
"peerlocking".

I'll cover this approach at the upcoming NANOG meeting in Chicago:
https://www.nanog.org/meetings/abstract?id=2860

Kind regards,

Job
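
The peerlocking rule described in the message above, as an added example that is not part of the original post and is not NTT's configuration: it applies the '_7018_' match to routes received on eBGP sessions and exempts the direct session with 7018. The function names, the asplain path format, and the sample routes (documentation ASNs plus the constructed look-alike 17018) are assumptions.

```python
import re

PROTECTED_ASN = 7018  # from the post: AS that should only be seen on its direct sessions


def path_contains_asn(as_path: str, asn: int) -> bool:
    """Emulate the as-path regex '_<asn>_' on an asplain AS path string.

    '_' matches a delimiter or either end of the path, so the ASN has to
    appear as a whole number: 7018 matches, 17018 and 70180 do not.
    """
    return re.search(rf"(?<!\d){asn}(?!\d)", as_path) is not None


def peerlock_accepts(neighbor_asn: int, as_path: str,
                     protected_asn: int = PROTECTED_ASN) -> bool:
    """Apply the peerlock rule to one route received from an eBGP neighbor."""
    if neighbor_asn == protected_asn:
        return True  # direct session with the protected AS: the rule does not apply
    # Any other neighbor presenting the protected AS in the path is an
    # intermediate network that the two operators agreed should not exist.
    return not path_contains_asn(as_path, protected_asn)


# Constructed sample input: (neighbor ASN, AS path as received on that session).
SAMPLE_ROUTES = [
    (7018, "7018 64500"),            # direct session with 7018
    (64496, "64496 7018 64500"),     # 7018 seen behind another neighbor
    (64496, "64496 17018 64500"),    # different ASN that merely contains the digits
    (64497, "64497 64511"),          # unrelated path
    (64497, "64497 {7018,64500}"),   # 7018 inside an AS_SET still matches '_7018_'
]


def rejected_routes(routes):
    """Return the routes the peerlock rule would block."""
    return [route for route in routes if not peerlock_accepts(*route)]


if __name__ == "__main__":
    for neighbor, path in SAMPLE_ROUTES:
        verdict = "accept" if peerlock_accepts(neighbor, path) else "reject"
        print(f"from AS{neighbor:<6} path [{path}] -> {verdict}")
```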


