[c-nsp] Non-transit customer AS and prefix leaks

[Keegan Holley]

I may be missing something obvious, but shouldn't your prefixes have hit the Internet with a hop count of 1 and the bogus routes a hop count of at least three? If that's the case wouldn't your prefixes be the best path?  Assuming I've missed something than the no-export community and as prepend suggestions proposed by others should work.

Sent from my iPhone

On Apr 18, 2011, at 2:36 AM, Artyom Viklenko <artem at aws-net.org.ua> wrote:

> Hi, list!
> 
> I had some problem last weekend. Lets say we - ISP-A, announce
> some prefixes to Customer. Due to some bug or misconfiguration
> these prefixes reached ISP-B (who provides another uplink to
> Customer). I'm was surprised that ISP-B received our prefixes
> from Customer (wrong filters?). And then, these prefixes was
> announced to Internet and some Exchange Points.
> This lead to incorrect routing of incoming thrafic towars our
> prefixes via slow Customer's links. This lead to near 100%
> packet loss.
> 
> After several phone calls problem was fixed. But now, I'm
> trying to find some solution to prevent such problems in future.
> 
> One solution I thinking of is to mark all announces to such
> non-transit Customers with no-export community.
> 
> What do you guys think about this? Is it acceptable or not?
> Is it any other possible solutions to prevent such cases
> already in place?
> 
> Thanks in advance!
> 
> -- 
>           Sincerely yours,
>                            Artyom Viklenko.
> -------------------------------------------------------
> artem at aws-net.org.ua | http://www.aws-net.org.ua/~artem
> artem at viklenko.net   | JID: artem at jabber.aws-net.org.ua
> FreeBSD: The Power to Serve   -  http://www.freebsd.org
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>