Some calculations on inbound filtering

From: Miguel A.L. Paraz (map@internet.org.ph)
Date: Fri Feb 16 2001 - 01:15:37 EST


I wrote some Perl scripts to do some data modeling.

I have a 99,800 entry BGP table with two feeds.

I picked up a small sample of traffic (show ip accounting, which is faster
to extract than Netflow).

Out of all the entries, 18390 were actually used for outbound traffic.

With the following rules:

"Class A" space, /8 and smaller, except for nets 24, and 62 to 65, up to /20,
"Class B" space, /16 and smaller,
"Class C" space, /24 and smaller, until net 207 and above, <= /20 is allowed

The table is reduced to 79,847 entries.
Only 5,047 networks were used, but they contributed to over 90% of the traffic
as compared to the traffic before reducing the table.

Having no route for an entry is not a problem because I can point default
at my upstreams.

Then with this % distribution of traffic per prefix:

/8 5.7
/9 0.0
/10 0.2
/11 0.9
/12 0.6
/13 1.6
/14 11.9
/15 2.2
/16 15.7
/17 8.1
/18 15.5
/19 10.0
/20 7.8
/21 3.2
/22 3.6
/23 2.3
/24 9.4

I conclude that as a stub node on the Net, even if I filter I will send
packets to generally the right provider, and let them take care of the full
routing.

Is this valid?
If you would like the scripts, I could clean them up and post them.

-- 

http://www.internet.org.ph The Philippine Internet Resource Mobile Voice/Messaging: +63-917-810-9728



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:29 EDT