[c-nsp] BGP question : What's the best way for filtering outgoing prefixes?
Gert Doering
gert at greenie.muc.de
Fri Aug 19 12:35:18 EDT 2011
Hi,
On Fri, Aug 19, 2011 at 11:50:40AM -0400, Jon Lewis wrote:
> On Fri, 19 Aug 2011, Jay Nakamura wrote:
>
> >While testing, I am wondering, is it standard practice to clear my
> >community strings from routes before going to peer/transit?
>
> Yes. You never know what special meaning various community strings might
> have to someone else. You should set community none on routes you receive
> after you've looked at the community strings (if you were interested), and
> before sending routes to another AS unless you meant for them to go out
> with a certain community string.
We actually permit transitive communites - so, for example, a customer
can send us "3549:xxx" to achieve something in our upstream's network
(3549).
We purposely send all received communites downstream to customers, so they
can use it for filtering decisions ("we like this route via 5539, but only
if it came in from a Munich peer, never via Frankfurt").
Of course it's good housekeeping to remove your own communities (in our
case, 5539:xxx) before sending the prefixes upstream. (Ummm... need to
check whether we actually do that... I'm afraid we don't... *to TODO list*)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20110819/90375191/attachment.pgp>
More information about the cisco-nsp
mailing list