[c-nsp] Non-transit customer AS and prefix leaks
Gert Doering
gert at greenie.muc.de
Mon Apr 18 08:56:45 EDT 2011
Hi,
On Mon, Apr 18, 2011 at 09:36:04AM +0300, Artyom Viklenko wrote:
> I had some problem last weekend. Lets say we - ISP-A, announce
> some prefixes to Customer. Due to some bug or misconfiguration
> these prefixes reached ISP-B (who provides another uplink to
> Customer). I'm was surprised that ISP-B received our prefixes
> from Customer (wrong filters?). And then, these prefixes was
> announced to Internet and some Exchange Points.
If there were an Internet BGP License, this sort of accident would
cause ISP-B to lose their license for 4 weeks.
Unfortunately, there is no Internet BGP License...
[..]
> After several phone calls problem was fixed. But now, I'm
> trying to find some solution to prevent such problems in future.
>
> One solution I thinking of is to mark all announces to such
> non-transit Customers with no-export community.
If your customers and their other ISPs are creative enough, they could
override this...
What you certainly could do is bill your customers by the gigabyte, and
if they want to provide transit for you, bill them for the traffic that
they transported for you. This will ensure that they won't do it again.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20110418/053cd903/attachment.pgp>
More information about the cisco-nsp
mailing list