nanog mailing list archives
Re: NTT->HE earlier today (~10am EDT)
From: Jared Mauch <jared () puck nether net>
Date: Tue, 30 Jun 2015 17:40:03 -0500
We have been pushing large configurations to devices. You can check my slides from the London IEPG meeting. When 96% of your config is prefix filters we are sure trying. I ask others to encourage your vendors to make this a priority as we have faced a number of issues in this area and have been waiting quite some time for vendor resolution. Jared Mauch
On Jun 30, 2015, at 5:26 PM, Mike Leber <mleber () he net> wrote:On 6/30/15 3:02 PM, Tore Anderson wrote: * Mike LeberI was thinking that when I posted yesterday. These were announcements from a peer, not customer routes. We are lowering our max prefix limits on many peers as a result of this. We are also going towards more prefix filtering on peers beyond bogons and martians.Hi Mike, You're not mentioning RPKI here. Any particular reason why not? If I understand correctly, in today's leak the origin AS was changed/reset, so RPKI ought to have saved the day. (At least Grzegorz' day, considering that 33 of AS43996's prefixes are covered by ROAs.)Yes, we will incorporate RPKI into how we build our prefix filters for peers as we improve our tools. Currently this will involve some amount of prefix list compression due to the limits of current hardware and the need to still have BGP converge. As Job Snijders said, "I would forsee issues if i'd try to add an eleven megabyte prefix-list on all devices in the network.". Mike.
Current thread:
- Re: Route leak in Bangladesh, (continued)
- Re: Route leak in Bangladesh Hank Nussbacher (Jun 30)
- Re: Route leak in Bangladesh Randy Bush (Jun 30)
- Re: Route leak in Bangladesh Hank Nussbacher (Jun 30)
- Re: Route leak in Bangladesh Randy Bush (Jun 30)
- Re: Route leak in Bangladesh Suresh Ramasubramanian (Jun 30)
- Re: NTT->HE earlier today (~10am EDT) Randy Bush (Jun 30)
- Re: NTT->HE earlier today (~10am EDT) Mike Leber (Jun 30)
- Re: NTT->HE earlier today (~10am EDT) Tore Anderson (Jun 30)
- Re: NTT->HE earlier today (~10am EDT) Mike Leber (Jun 30)
- Re: NTT->HE earlier today (~10am EDT) Ca By (Jun 30)
- Re: NTT->HE earlier today (~10am EDT) Job Snijders (Jun 30)
- Re: NTT->HE earlier today (~10am EDT) Jared Mauch (Jun 30)
- Re: NTT->HE earlier today (~10am EDT) Job Snijders (Jun 30)
- Re: NTT->HE earlier today (~10am EDT) Mike Leber (Jun 30)
- Re: NTT->HE earlier today (~10am EDT) Randy Bush (Jun 30)
- Re: Route leak in Bangladesh Hank Nussbacher (Jun 30)
- Re: NTT->HE earlier today (~10am EDT) Job Snijders (Jun 30)
- Re: Route leak in Bangladesh Randy Bush (Jun 30)
- Re: Route leak in Bangladesh Matsuzaki Yoshinobu (Jun 30)
- Re: Route leak in Bangladesh Mark Tinka (Jun 30)
- Re: Route leak in Bangladesh Nick Hilliard (Jun 30)
- Re: Route leak in Bangladesh Job Snijders (Jun 30)
- Re: Route leak in Bangladesh Joe Abley (Jun 30)