[c-nsp] BGP peer/customer routes
Pete Templin
petelists at templin.org
Tue May 31 15:06:55 EDT 2011
On 5/31/2011 1:31 PM, vince anton wrote:
> thanks for feedback. seems like different people are going around this in
> different ways, some allow transit through peering links, and some outright
> block this from day0
>
> it surprises me that some people seem to be ok with passing transit traffic
> over a peering link. I dont understand why you would want to do this, as to
> me this seems abuse or misconfiguration (possibly not intentional), and
> potentially very expensive, or loss of revenue.
The problem is that transit traffic vs. peering traffic is dependent
upon source address, yet networks route by destination address.
Obviously, there's no easy way to route traffic FROM your network to
your customer via your peer while routing traffic THROUGH your network
to your customer via your transit link. However, if your customer has
two providers and one of them is your peer, shouldn't your customer be
eligible for redundant services through the peer link if your
customer-aggregation router should be down?
Additionally, where do you point the finger? Where do you implement
policy? Perhaps you should filter your peer such that the longer
prefixes aren't accepted, and exact-match prefixes are only accepted if
no prepends are added.
Have you covered MED in any of your configuration or policy? You might
want to forcibly set MED=1 on all peering connections, so you have
predictable behavior later if you ever multi-path to a peer.
pt
More information about the cisco-nsp
mailing list