[c-nsp] Peering + Transit Circuits
Scott Granados
scott at granados-llc.net
Tue Aug 18 11:25:08 EDT 2015
So in our case we terminate peering and transit on different routers. Peering routers have well flow enabled (the one that starts with a J that’s inline). With NFSEN / NFDUMP we’re able to collect that flow data and look for anomalous flows or other issues. We pretty much detect and then deal with peering issues rather than prevent them with whitelists and so forth but then again we’ve been lucky and not experienced to many issues other than the occasional leakage of prefixes and such which maxprefix handles nicely.
Thanks
Scott
> On Aug 18, 2015, at 8:29 AM, Tim Durack <tdurack at gmail.com> wrote:
>
> Question: What is the preferred practice for separating peering and transit
> circuits?
>
> 1. Terminate peering and transit on separate routers.
> 2. Terminate peering and transit circuits in separate VRFs.
> 3. QoS/QPPB (
> https://www.nanog.org/meetings/nanog42/presentations/DavidSmith-PeeringPolicyEnforcement.pdf
> )
> 4. Don't worry about peers stealing transit.
> 5. What is peering?
>
> Your comments are appreciated.
>
> --
> Tim:>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list