[c-nsp] Re: URPF on small BGP-enabled customers?
David J. Hughes
bambi at Hughes.com.au
Fri Jun 3 18:28:22 EDT 2005
On 04/06/2005, at 7:57 AM, Joe Maimon wrote:
> If their provider was the same one you tagged no-export to, than they
> were getting the full table from their peer. Except you requested that
> peer not send them your route.
True. I didn't want their traffic to come to us directly via the
Tier-1 provider in question. However, seeing as I already know that
that provider peers with 3 of the other providers we present to, it
should not be an issue. I think you are working with a "single path"
version of BGP :)
> If that was the case, your assumption was that they would get the
> route elsewhere. That assumption is far less safe to make.
Based on that statement we'd need to connect to every transit provider
on the planet. AS paths exist so that you can get from point A to
point B via a series of providers. That assumption is a safe as
houses.
> I dont see how this changes anything. Of course peers downstream of
> the peers you have your route marked no-export will not have it in
> their full table unless they get it from a peer who does not have it
> marked no-export.
i.e. the other 5 peers I previously mentioned. Couldn't agree with you
more.
David
...
More information about the cisco-nsp
mailing list