<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <br>
    <br>
    <div class="moz-cite-prefix">On 1/Aug/20 20:14, Hank Nussbacher
      wrote:<br>
      <br>
    </div>
    <blockquote type="cite"
      cite="mid:e2bb60bb-6175-c3c3-2c03-2bc73885fe34@interall.co.il">
      <p>AS  level filtering is easy.  IP prefix level filtering is
        hard.  Especially when you are in the top 200:</p>
      <p><a class="moz-txt-link-freetext"
          href="https://asrank.caida.org/" moz-do-not-send="true">https://asrank.caida.org/</a></p>
    </blockquote>
    <br>
    Doesn't immediately make sense to me why prefix filtering is hard.<br>
    <br>
    <br>
    <blockquote type="cite"
      cite="mid:e2bb60bb-6175-c3c3-2c03-2bc73885fe34@interall.co.il">
      <p><br>
      </p>
      <p>That being said, and due to these BGP "polluters" constantly
        doing the same thing, wouldn't an easy fix be to use the
        max-prefix/prefix-limit option:</p>
      <p><a class="moz-txt-link-freetext"
href="https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/25160-bgp-maximum-prefix.html"
          moz-do-not-send="true">https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/25160-bgp-maximum-prefix.html</a></p>
      <p><a class="moz-txt-link-freetext"
href="https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/prefix-limit-edit-protocols-bgp.html"
          moz-do-not-send="true">https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/prefix-limit-edit-protocols-bgp.html</a></p>
      <p><br>
      </p>
      <p>For every BGP peer,  the ISP determines what the current
        max-prefix currently is.  Then add in 2% and set the
        max-prefix.  </p>
      <p>An errant BGP polluter would then only have limited damage to
        the Internet routing table.</p>
      <p>Not the greatest solution, but easy to implement via a one line
        change on every BGP peer.</p>
    </blockquote>
    <br>
    It's about combining multiple solutions to ensure several
    catch-points. AS_PATH filtering, prefix filtering and max-prefix.<br>
    <br>
    <br>
    <blockquote type="cite"
      cite="mid:e2bb60bb-6175-c3c3-2c03-2bc73885fe34@interall.co.il">
      <p><br>
      </p>
      <p>Smaller ISPs can easily do it on their 10 BGP peers so as to
        limit damage as to what they will hear from their neighbors.<br>
      </p>
    </blockquote>
    <br>
    All ISPs should do this. All ISPs can.<br>
    <br>
    Mark.<br>
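    <br>
    Added example, not part of the original message: a small simulation of the three catch-points discussed above (AS_PATH filter, prefix filter, max-prefix set to the current count plus 2%) applied to one peer's updates. The AS numbers, prefixes and function names are constructed for illustration, and the limit is assumed to count routes that passed the filters; routers differ on where the count is taken.<br>
    <pre>
```python
import ipaddress

def max_prefix_limit(current_count):
    """Current prefix count plus 2% (rounded up), as proposed in the thread."""
    return current_count + (current_count * 2 + 99) // 100

def import_routes(updates, peer_as, limit, origins=None, aggregates=None):
    """Run one peer's updates through AS_PATH filter, prefix filter, max-prefix.

    A filter left as None is not configured. IPv4 only.
    Assumption: the limit counts routes that passed the filters.
    Returns (accepted, reject_counts, session_up).
    """
    nets = [ipaddress.ip_network(a) for a in aggregates or []]
    accepted, rejects = [], {"as-path": 0, "prefix": 0}
    for prefix, as_path in updates:
        net = ipaddress.ip_network(prefix)
        bad_path = as_path[0] != peer_as or as_path[-1] not in (origins or ())
        if origins is not None and bad_path:
            rejects["as-path"] += 1
        elif aggregates is not None and not any(net.subnet_of(n) for n in nets):
            rejects["prefix"] += 1
        else:
            accepted.append(prefix)
            if len(accepted) > limit:        # last catch-point: tear session down
                return accepted, rejects, False
    return accepted, rejects, True

def constructed_updates():
    """Constructed sample: 50 normal routes, a 200-route leak, one stray prefix."""
    def slash24s(block, n):
        return [str(s) for s in list(ipaddress.ip_network(block).subnets(new_prefix=24))[:n]]
    normal = [(p, [64500]) for p in slash24s("10.10.0.0/16", 50)]
    leaked = [(p, [64500, 64510, 64511]) for p in slash24s("10.20.0.0/16", 200)]
    stray = [("10.30.0.0/24", [64500])]      # right origin AS, wrong address space
    return normal + leaked + stray

if __name__ == "__main__":
    limit = max_prefix_limit(50)
    cases = {"all three": dict(origins={64500}, aggregates=["10.10.0.0/16"]),
             "as-path + max-prefix": dict(origins={64500}),
             "max-prefix only": {}}
    for name, filters in cases.items():
        accepted, rejects, up = import_routes(constructed_updates(), 64500, limit, **filters)
        print(name, len(accepted), rejects, "up" if up else "torn down")
```
    </pre>
    With only max-prefix configured the session is torn down after the limit is exceeded; with the AS_PATH filter but no prefix filter the single stray prefix is accepted because it fits within the 2% headroom.<br>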
  </body>
</html>