nanog mailing list archives

Re: Advertisement of Equinix Chicago IX Subnet

From: Eric Dugas <edugas () unknowndevice ca>
Date: Thu, 28 Mar 2019 09:08:26 -0400

I have a policy applied to my upstreams and peers to deny the IXP's LANs
were connected to. I don't think of any reason to learn these routes from
someone else's network.

On Wed, Mar 27, 2019 at 7:44 PM Cummings, Chris <ccummings () coeur com> wrote:

Not too sure about your topology, but I’ve had something similar bite me,
so we typically put a prefix list inbound to deny receiving our internal
prefixes from our peers. This probably doesn’t work as well if your network
is less “eyeballish” than ours, however.

/chris



On Wed, Mar 27, 2019 at 4:37 PM -0500, "Graham Johnston" <
johnstong () westmancom com> wrote:

This afternoon at around 12:17 central time today we began learning the

subnet for the Equinix IX in Chicago via a transit provider; we are on the
IX as well. The subnet in question is 208.115.136.0/23. Using
stat.ripe.net
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fstat.ripe.net&c=E,1,HdSVqYeR7jgCV-Dur66y05aHEW-BSduVIIHYHrXZ1P6qOt3fa684wgoFR9CoVMgOpEaWMO0lwDjZkSR-n80nd7Rvcqp4MKodaGyrIDIjEhtPXiDie1SaYsyZJ9ed&typo=1>
I can see that this subnet is also being learned by others, see the snip
below. On our network this caused a nasty routing loop until we figured out
what was wrong. My current best understanding is that because the route was
learned via eBGP it trumped the OSPF learned route. As soon as I filtered
the advertisement from my transit provider everything returned to normal.
What am I doing that isn’t best practices that would have prevented this?



Thanks,

graham





RIPE Info

*1* RRCs see *1* peers announcing *208.115.136.0/23
<http://208.115.136.0/23>* originated by *AS32703*
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fstat.ripe.net%2fAS32703&c=E,1,TOo4BxuZBilA6dEeEsyArFdQvYciFoXF4XjZNU4NqyzUFPawLd-3hzV5XwlwfBLIcVRBns_GfdJCxNBaU2dYqDWisxgCxwxRPMoTfXq-TRSDQa_BgAvqRg,,&typo=1>

·         ▼RRC00 in *Amsterdam, Netherlands* sees *1* ASN orginating *208.115.136.0/23
<http://208.115.136.0/23>*.AS32703

o    ▼*AS32703
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fstat.ripe.net%2fAS32703&c=E,1,LPjxozPn3-dGOA9bDJB081OscbzusnfrxssBxyMbOyunZUcNyeibk_RHV8UYO3Fw77TpLU9yRsywr6KjrmyXWgKk4DQ7XRSgr1_W1SNgkfA,&typo=1>*
 is
seen as the origin by *1* peer.192.102.254.1

§  ▼*192.102.254.1
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fstat.ripe.net%2f192.102.254.1&c=E,1,fW5rffxlYLANo-g3GopSdMyHH2oIqoulMERJOjPrrdRL4Z8602v0WhaVuS6ignBPzPDgh4S05V55mLAGu_OFn1TzFyYcCpMMzTgH1ejtJmILMrcaDQDn&typo=1>*
 is
announcing route *AS395152*
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fstat.ripe.net%2fAS395152&c=E,1,I_iMCTImXK-T7Vj5VALSLMN6lo0N3-N2qYG7QlBHNK8oXNmPQnsp4zJy424NN2Y8z2WxSBIfaPSkLoibtnClWliVcGMhdMDsIewEnAgiZaRITyPjKA,,&typo=1>
 *AS63297*
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fstat.ripe.net%2fAS63297&c=E,1,V7oySywzIc8rSc64KXotimJVgetH1G5VqJoedNuNjm9JbOYDh8qrdMlVKD12tKJtJ4STBfu9kLFuBXInbfko44ryiCz5Gy2CztDGyYXF4HJW6Jm3uPvJgOUAfTc,&typo=1>
 *AS6327*
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fstat.ripe.net%2fAS6327&c=E,1,4wIITl8037dr3SSHzQmbAIwgiFe3X75-DkFAlERAGWEFjFROhFPMC2c3IGy_vChkNN-YI2OoobMvhOUKjiV9mt69N8kXl_RTvv22nZHKLJkYc59V&typo=1>
 *AS36280*
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fstat.ripe.net%2fAS36280&c=E,1,_jAHKYzgyGwMDV4H1HRk1FK3bV5j_t6dSn2YfYhnhLBYub5v33-ryduZ34KVZYUy19lhSRThf8TUnUT_6V35nTMLw6SCXqY0S8bggDBKvYUg&typo=1>
*AS32703*
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fstat.ripe.net%2fAS32703&c=E,1,RAfxFbCQUejEFosUxg2dek9Ke5qatnE5GGjP6p2ovv1XL6hN77GlayI0Nm5jA_jRLCxzzaZQUdABGyy7HlA7bi93SIbytUbKx_49kJPC168,&typo=1>
.

§  Origin: IGP

§  Next Hop: 192.102.254.1

§  Peer: 192.102.254.1

§  Community: 63297:1000

§  AS Path: 395152 63297 6327 36280 32703

§  Last Updated: 2019-03-27T17:17:19





Route-views

route-views.chicago.routeviews.org
<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2froute-views.chicago.routeviews.org&c=E,1,E0igNv77g9AAa2d6Uaxl8p-e1C0XIX7IzMRDUURg85DkFqIFTzckgumVyHoZqhybvGEz7rGGqi_cSc8KzJW5xx3nxdSBkfe6z_hdXiip8re7qfTpyjS1o2wzcvLw&typo=1>>
show ip bgp 208.115.136.0

BGP routing table entry for 208.115.136.0/23

Paths: (1 available, best #1, table Default-IP-Routing-Table)

  Not advertised to any peer

  32709 32703

    208.115.136.134 from 208.115.136.134 (63.134.128.248)

      Origin IGP, localpref 100, valid, external, best

      AddPath ID: RX 0, TX 64414249

      Last update: Wed Mar 27 17:16:09 2019

Current thread:

Advertisement of Equinix Chicago IX Subnet Graham Johnston (Mar 27)
- Re: Advertisement of Equinix Chicago IX Subnet Nick Hilliard (Mar 27)
  - RE: Advertisement of Equinix Chicago IX Subnet Graham Johnston (Mar 27)
- Re: Advertisement of Equinix Chicago IX Subnet Cummings, Chris (Mar 27)
  - Re: Advertisement of Equinix Chicago IX Subnet Eric Dugas (Mar 28)
    - Re: Advertisement of Equinix Chicago IX Subnet Christopher Morrell (Mar 28)
    - Re: Advertisement of Equinix Chicago IX Subnet Niels Bakker (Mar 28)
    - Re: Advertisement of Equinix Chicago IX Subnet Job Snijders (Mar 28)
- Re: Advertisement of Equinix Chicago IX Subnet Job Snijders (Mar 28)