Re: Peering + Transit Circuits

["Patrick W. Gilmore" <patrick () ianai net>]

On Aug 18, 2015, at 1:24 PM, William Herrin <bill () herrin us> wrote:
> On Tue, Aug 18, 2015 at 8:29 AM, Tim Durack <tdurack () gmail com> wrote:

> > Question: What is the preferred practice for separating peering and transit
> > circuits?
> >
> > 1. Terminate peering and transit on separate routers.
> > 2. Terminate peering and transit circuits in separate VRFs.
> > 3. QoS/QPPB (
> > https://www.nanog.org/meetings/nanog42/presentations/DavidSmith-PeeringPolicyEnforcement.pdf
> > )
> > 4. Don't worry about peers stealing transit.
> > 5. What is peering?
> >
> > Your comments are appreciated.
>
>
> If you have a small number of peers, a separate router carrying a
> partial table works really well.

To expand on this, and answer Tim’s question one post up in the thread:

Putting all peer routes on a dedicated router with a partial table avoids the “steal transit” question. The Peering 
router can only speak to peers and your own network. Anyone dumping traffic on it will get !N (unless they are going to 
a peer, which is a pretty minimal risk).

It has lots of other useful features such as network management and monitoring. It lets you do maintenance much easier. 
Etc., etc.

But mostly, it lets you avoid joining an IX and having people use you as a backup transit provider.

-- 
TTFN,
patrick