On Tue, Feb 05, 2002 at 09:25:19AM +1300, Andy Linton wrote:
On Mon, 4 Feb 2002, James Tyson wrote:
Who thinks it would be a good idea to create a new mailing list specifically for updates of domestic peering policy and some BGP discussion that might be a little off-topic for this list?
I'd encourage those of you who are interested in this topic to read RFC 2650 (ftp://ftp.isi.edu/in-notes/rfc2650.txt) and start working to using RPSL for this task. It seems really strange to have filter lists (in proprietary format) flying around to achieve this.
The data in the RADB (and friends) is variable, though; to some extent the RADB only becomes optimally useful if *everybody* uses it, and so long as there are people who don't, any automated filter construction always needs to be augmented by fallible humans sending bits of mail around the place.

One alternative a number of large networks I know of have started putting in place is custom maximum-prefix limits for peers. The maximum-prefix limits protect against leaks quite effectively by tearing down sessions and holding them down once the specified number of prefixes received has exceeded a threshold.

This is much cheaper to configure, operate and generally manage, and protects against leaks about as well as explicit prefix filters. It doesn't protect against route theft, but I'm not convinced the IRR protects against route theft particularly well, either.

The LINX used to be awash with mail from peers announcing prefix filter changes. A couple of people there postulated that the coordinated reconfigurations of routers out of maintenance window synchronised by mail to the list saying "change my filters" was a dangerous thing, and could be responsible for systematic cross-provider failure. I never heard of anybody correlating any performance data with prefix-update mail to the list, but it was an interesting theory.

Joe
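
The trade-off described in the message above, as an added example that is not part of the original post: a toy Python model of one peer session, comparing a maximum-prefix limit with an explicit prefix filter against a route leak and against a single stolen prefix. The `PeerSession` class, the limit of 5 and all prefixes are constructed for illustration; the filter's result depends entirely on how accurate its allowed set is.

```python
# Added illustration: a toy model of one BGP peer session, not router code.
# All prefixes and limits are constructed sample values.
from dataclasses import dataclass, field
from typing import Optional, Set

@dataclass
class PeerSession:
    max_prefix: Optional[int] = None      # tear the session down above this count
    allowed: Optional[Set[str]] = None    # explicit prefix filter, e.g. built from IRR data
    up: bool = True
    held_down: bool = False               # stays down until an operator intervenes
    rib: Set[str] = field(default_factory=set)

    def receive(self, prefix: str) -> str:
        """Process one announcement: 'accepted', 'filtered' or 'torn-down'."""
        if not self.up:
            return "torn-down"
        if self.allowed is not None and prefix not in self.allowed:
            return "filtered"             # dropped, session stays up
        self.rib.add(prefix)
        if self.max_prefix is not None and len(self.rib) > self.max_prefix:
            self.up, self.held_down = False, True
            self.rib.clear()              # every route from the peer is withdrawn
            return "torn-down"
        return "accepted"

# What the peer legitimately originates (documentation prefixes).
LEGIT = {"192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24"}
# Leak: the peer's own routes plus 50 it should never have passed on.
LEAK = sorted(LEGIT) + [f"10.{i}.0.0/16" for i in range(50)]
# Theft: the prefix count stays normal, but one prefix belongs to someone else.
THEFT = ["192.0.2.0/24", "198.51.100.0/24", "100.64.0.0/24"]

def run(session: PeerSession, announcements):
    """Feed announcements; return (session still up, unexpected routes installed)."""
    for prefix in announcements:
        session.receive(prefix)
    return session.up, sorted(session.rib - LEGIT)

if __name__ == "__main__":
    for name, make in (("max-prefix 5", lambda: PeerSession(max_prefix=5)),
                       ("prefix filter", lambda: PeerSession(allowed=LEGIT))):
        for label, feed in (("leak", LEAK), ("theft", THEFT)):
            up, bad = run(make(), feed)
            print(f"{name:13} {label:5} session_up={up} unexpected_routes={bad}")
```

The maximum-prefix session ends the leak by going down (taking the peer's legitimate routes with it), but installs the stolen prefix because the count never crosses the limit.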