BGP Community - AS0 is de-facto "no-export-to" marker - Any ASN reserved to "export-only-to"?'

adamv0025 at adamv0025 at
Wed Sep 9 14:07:57 UTC 2020

> Chriztoffer Hansen via NANOG
> Sent: Wednesday, September 9, 2020 1:29 PM
> On Wed, 9 Sep 2020 at 06:25, Mark Tinka via NANOG <nanog at>
> wrote:
> > It's not unlike trusting your customers to send you FlowSpec 
> > instructions. No issues technically, but do you want to do it?
> Why not? As a service offering, it makes total sense.
> Thou, generally I agree with you. Trust, but verify any received 
> announcement conforms to a base-set of expectations. Discard non- 
> conforming.
Yeah right, like you all are limiting max length of as_path, dropping boggon ASNs, or limiting max number of communities or striping unused/unsupported attributes on ingress to your AS...
Or otherwise test what happens to your border edge (or internet-plane route-reflectors/ iBGP infrastructure for that matter) if exposed to these.


More information about the NANOG mailing list