Print

Print


Folks using route-optimizer things like Noction and such *SHOULD* be setting no-export on any prefixes it generates...
As we’ve seen in history over the last years, that doesn’t always happen. 
I think they recently (last-year ish?) made that a default, instead of a manual setting.


On Sep 18, 2019, at 5:14 PM, Brandon Mulligan <[log in to unmask]> wrote:

David,

Do the MICE route servers not have explicit route filters on each BGP session? If you can't trust a network to advertise only their IPs then how can you trust them to attach a community to their "optimized routes"?

Also, Could one simply use 0:53679 on their "optimized routes" to achieve the same effect?

Thanks.

On 9/18/2019 4:43 PM, David Farmer wrote:
[log in to unmask]" class="">
I found an interesting article in my LinkedIn feed last night on BGP Optimizers;


I'd be interesting if anyone in the MICE community is using a BGP Optimizer? Especially one that generates more specific prefixes in BGP. 

I don't want to expose anyone to ridicule, so please don't go there if anyone fesses up, even in jest, this needs to be treated seriously.

However, if anyone is using a BGP Optimizer, especially one generating more specific prefixes, I think it would behoove the MICE community to put in extra defenses against propagating these more specific prefixes through the exchange and out to the Internet in general or even our own downstream customers.

For example we could create a MICE-DROP BGP Community that we can tag any routes that should be dropped if they are (accidentally) announced to the MICE route server or to other MICE peers, such as these more specific routes created by a BGP Optimizer. Basically we would each add something to our routing policy, and on the MICE route servers too, looking for that BGP Community and immediately dropping any routes tag with it. 

Also, if anyone is using a BGP Optimizer in our community that would be a very good reason to accelerate IRR based router filtering for our exchange.

Thanks.
--
===============================================
David Farmer               Email:[log in to unmask]
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota  
2218 University Ave SE        Phone: 612-626-0815
Minneapolis, MN 55414-3029   Cell: 612-812-9952
===============================================


To unsubscribe from the MICE-DISCUSS list, click the following link:
http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1

-- 
Brandon Mulligan
Kansas City Internet eXchange
http://kcix.net


To unsubscribe from the MICE-DISCUSS list, click the following link:
http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1




To unsubscribe from the MICE-DISCUSS list, click the following link:
http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1