Re: [isp-bgp] filtering pratice

On Tue, May 24, 2005 at 09:49:32PM +0200, Daniel Schild wrote: > Hi, > > I'm just about to peer with another isp, and now i'm wondering what's > the best filtering pratice when it comes to peering. Do i just allow > everything from the other isp, hoping that they don't mess up? the most > important thing is to have some kind of control of what routes they give > us, since we don't want to end up with them giving us a full table or > something like that. > > The first thing i can think of is filtering on as-path, but i know they > have other customers with their own asns. Of course i could always > filter on the as + 1, but i just want to hear about what the most common > pratice in this case is. Also, they have a couple of ip blocks, so we don't > want to filter on their blocks (if we do, we also have to know if > anything changes). Also, i don't know if any of their customers as's have > customers with their own asns, and so on (probably not very likely). > > So, how much do you people filter from your peers? > > > best regards, > daniel > The current best practice is as follows: 1. Strictly filter your BGP customers on both prefix-lists and AS_PATH. 2. Loosely filter your peers -- i.e. place a generic "one-size-fits-all" type of prefix-list, that will block prefixes longer than /24, or any other martian prefixes like RFC1918 as desired. Also place a loose filtering AS_PATH filter, such as one blocking private ASNs but not much of anything else. 3. Place maximum-prefix limit on your peers to a value that is appropriate. Obviously if your peer is a small ISP with only a few prefixes, it may be a good idea to strictly filter them as well. But strict filtering starts getting difficult to manage as number of peers increase and as you peer with larger peers. -J -- James Jun Infrastructure and Technology Services TowardEX Technologies Office +1-617-459-4051 x179 | Mobile +1-978-394-2867 james@... To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. Copyright 2005 Jupitermedia Corporation All Rights Reserved.

Solutions

Whitepapers and eBooks
IBM eBook: Planning a Service Oriented Architecture IBM eBook: Choosing the Right Architecture--What It Means for You and Your Business Microsoft Article: Will Hyper-V Make VMware This Decade's Netscape? Avaya Article: Using Intelligent Presence to Create Smarter Business Applications Intel Go Parallel Article: Getting Started with TBB on Windows Microsoft Article: 7.0, Microsoft's Lucky Version? Avaya Article: How to Feed Data into the Avaya Event Processor		IBM Article: Developing a Software Policy for Your Organization Microsoft Article: Managing Virtual Machines with Microsoft System Center Intel Go Parallel Article: Intel Threading Tools and OpenMP HP eBook: Storage Networking , Part 1 Microsoft Article: Solving Data Center Complexity with Microsoft System Center Configuration Manager 2007 MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts
HP Video: StorageWorks EVA4400 and Oracle HP Webcast: Storage Is Changing Fast - Be Ready or Be Left Behind		Microsoft Silverlight Video: Creating Fading Controls with Expression Design and Expression Blend 2 MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits
Red Gate Download: SQL Toolbelt and free High-Performance SQL Code eBook Iron Speed Designer Application Generator		MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos
Silverlight 2 App and Walkthrough: Leverage Silverlight 2 with SQL Server and XML IBM Article: Enterprise Search--Do You Know What's Out There? HP Demo: StorageWorks EVA4400		Microsoft Article: The Progress and Promise of Deep Zoom Microsoft How-to Article: Get Going with Silverlight and Windows Live MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES