Announcing Peering-LAN prefixes to customers

• Previous message (by thread): Announcing Peering-LAN prefixes to customers
• Next message (by thread): Announcing Peering-LAN prefixes to customers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

IXP LANs should not be announced via BGP (or your IGP either). See section
3.1:
http://nabcop.org/index.php/BCOP-Exchange_Points_v2



On Thu, Dec 20, 2018 at 12:50 PM Dominic Schallert <ds at schallert.com> wrote:

> Hi all,
>
> this might be a stupid question but today I was discussing with a
> colleague if Peering-LAN prefixes should be re-distributed/announced to
> direct customers/peers. My standpoint is that in any case, Peering-LAN
> prefixes should be filtered and not announced to peers/customers because a
> Peering-LAN represents some sort of DMZ and there is simply no need for
> them to be reachable by third-parties not being physically connected to an
> IXP themselves. Also from a security point of view, a lot of new issues
> might occur in this situation.
>
> I’ve been seeing a few transit providers lately announcing (even
> reachable) Peering-LAN prefixes (for example DE-CIX Peering LAN) to their
> customers. I’m wondering if there is any document or RFC particularly
> describing this matter?
>
> Thanks
> Dominic
>


-- 
[stillwaxin at gmail.com ~]$ cat .signature
cat: .signature: No such file or directory
[stillwaxin at gmail.com ~]$
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20181220/94db6000/attachment.html>

• Previous message (by thread): Announcing Peering-LAN prefixes to customers
• Next message (by thread): Announcing Peering-LAN prefixes to customers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]