nanog mailing list archives
Re: BGPMON Alert Questions
From: Mark Tinka <mark.tinka () seacom mu>
Date: Sat, 5 Apr 2014 13:21:20 +0200
On Friday, April 04, 2014 05:17:36 PM Sharon Goldberg wrote:
Right, we didn't include that in our analysis because we didn't have a good sense for how many ISPs actually do filter their downstream downstreams. So we chose to give a conservative estimate of the impact of prefix filtering in partial deployment: we assumed that no one filters their downstreams downstreams. I'm honestly not sure exactly what including this assumption would do to our results, except to say that it would make them better (ie. that more attacks would be stopped). Might be a good experiment for one of my summer interns.
I've typically been on the side where we filter just the downstream and apply AS_PATH filtering liberally for their downstreams. At $current_job, we're now filtering both downstream and downstream's downstreams on AS_PATH + prefix list, taking the prefix aggregate and suffixing "le 24" or "le 48". We are now thinking about how to scale this without using RPSL, as that creates lots and lots of clutter in the configuration, as well as sub-optimal forwarding when customers are sending routes you aren't accepting when they forget that RPSL-based filtering is prefix-specific. Mark.
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- Re: BGPMON Alert Questions, (continued)
- Re: BGPMON Alert Questions Mark Tinka (Apr 03)
- Re: BGPMON Alert Questions Tony Tauber (Apr 03)
- Re: BGPMON Alert Questions Christopher Morrow (Apr 03)
- Re: BGPMON Alert Questions Randy Bush (Apr 03)
- Message not available
- Re: BGPMON Alert Questions Randy Bush (Apr 03)
- Re: BGPMON Alert Questions Sharon Goldberg (Apr 03)
- Re: BGPMON Alert Questions Mark Tinka (Apr 03)
- Re: BGPMON Alert Questions Sharon Goldberg (Apr 04)
- Re: BGPMON Alert Questions Nick Hilliard (Apr 04)
- Re: BGPMON Alert Questions Sharon Goldberg (Apr 04)
- Re: BGPMON Alert Questions Mark Tinka (Apr 05)
- Re: BGPMON Alert Questions Sharon Goldberg (Apr 06)
- Re: BGPMON Alert Questions Mark Tinka (Apr 06)
- Re: BGPMON Alert Questions Benno Overeinder (Apr 04)
- Re: BGPMON Alert Questions Mark Tinka (Apr 05)
- Re: BGPMON Alert Questions Anthony Williams (Apr 03)
- Re: BGPMON Alert Questions Mark Tinka (Apr 03)
- Re: BGPMON Alert Questions Nick Hilliard (Apr 03)
- Re: BGPMON Alert Questions Mark Tinka (Apr 03)
- Re: BGPMON Alert Questions Mark Tinka (Apr 03)
- Re: BGPMON Alert Questions Randy Bush (Apr 03)