[c-nsp] flow spec
Richard A Steenbergen
ras at e-gerbil.net
Sun Dec 3 17:06:57 EST 2006
On Sun, Dec 03, 2006 at 12:06:22PM -0700, Sergio D. wrote:
> Has Cisco implemented this yet?
> http://www.tcb.net/draft-marques-idr-flow-spec-00.txt
My understanding is that for some unknown reason Cisco flatly refuses to
add this to BGP, and wants to implement a new protocol.
The only thing I've heard which might hint to a reason is a belief that
"complicating BGP with more features" is bad, which seems naive and
outdated. In a modern multiprotocol BGP world all we're left with is a
mature and well tested protocol for distributing NLRIs and attributes,
cleanly seperated by AFI/SAFI. There is no real reason not use to BGP to
transmit filtering information as flowspec does, but a lot of reasons why
you should.
Here's to hoping Cisco catches up to reality on this one. I used the heck
out of flow-spec on Juniper's and it is a great way to handle distributed
filtering. My only regret is that I couldn't get more customers to use it
to feed me filter information for their own blocks. Maybe if it had
support in zebra/quagga/whatever kids with linux boxes are using these
days... :)
--
Richard A Steenbergen <ras at e-gerbil.net> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
More information about the cisco-nsp
mailing list