[c-nsp] prefixes in AS-Set

Paul Stewart paul at paulstewart.org
Wed Aug 3 07:23:46 EDT 2011


Yeah - we used to filter based on AS-SET at one time - we quickly maxxed out
the available memory (for config storage) on Cisco 7600 platforms with
Sup720-3BXL's doing this.  Now it's just max-prefix except our downstream
customers where we specifically run filters to control what they announce to
us.

In a perfect world it would be all done via AS-SET but as Rob pointed out,
not everyone keeps their data up to date unfortunately....

Paul


-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Rob Lister
Sent: Wednesday, August 03, 2011 6:38 AM
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] prefixes in AS-Set


Yes... I would probably not bother to filter every peer, but just set max
prefix (if they are an IXP peer for example) or otherwise you could end up
with a lot of prefix lists and I think the router can only hold so many
prefix list entries.

Not every peer is going to have info in the db and/or it may not be up to
date etc.

This approach would be suitable for where you have downstream customers and
you want to filter what they can announce to you, and you want a way to
automate the updating of prefix lists accepted from customers (Many transit
providers do it this way)

Regards,


Rob


-- 
Robert Lister

On 3 Aug 2011, at 06:51, Martin T <m4rtntns at gmail.com> wrote:

> As I understand, in case ISP-A would like to peer with ISP-B, the
> ISP-A usually specifies it's AS-set it will announce to ISP-B? For
> example in case XS4ALL(xs4all.nl) would like to set up a peering with
> some other ISP, it will announce AS-ACCESSFORALL, which contains all
> XS4ALL ASN's. ISP-B should be able to find all those ASN's which are
> under the AS-set called AS-ACCESSFORAL by:

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list