[c-nsp] Good practices for peering

Ted Mittelstaedt tedm at toybox.placo.com
Fri Dec 30 05:03:16 EST 2005



>-----Original Message-----
>From: cisco-nsp-bounces at puck.nether.net
>[mailto:cisco-nsp-bounces at puck.nether.net]On Behalf Of Paul Stewart
>Sent: Wednesday, December 28, 2005 8:05 AM
>To: Vincent De Keyzer; cisco-nsp at puck.nether.net
>Subject: RE: [c-nsp] Good practices for peering
>
>
>I'd say this is pretty common.. One thing I'd add is to check if the
>remote AS you are peering with has downstream AS's and to permit them as
>well if you want to take full advantage of the peering...:)
>
>Some people use RAToolset and other utilities to build access lists etc.
>from radb.  This is only useful if the information at radb is up to date
>and accurate...
>

I think it's much more important for networks doing peering to insure
that
any end-node customers they have are behind anti-spoofing 'in' access
lists, so those customers cannot send out spoofed traffic, and
furthermore
any peer relationships they have where they have the upper hand
(as opposed to the please please please please may I suck off your
greatness relationships) that they mandate those networks to also
put their end-node customers behind anti-spoof lists.

Ted



More information about the cisco-nsp mailing list