[inet-ops] Prefix Pollution

Joe Provo jzp-inetops at rsuc.gweep.net
Tue Dec 14 06:27:03 EST 2004 

On Tue, Dec 14, 2004 at 10:58:14AM +0000, Michael.Dillon at radianz.com wrote:
[snip]
> The big task is going to be identifying the
> traffic engineering and the legitimate holes.
> That's where this list could be helpful so that
> people can explain what they are really doing
> with their shorter prefixes in case they get
> misclassified.
 
I many be a bit stodgey in this regard, but what comprises
'legitimate traffic engineering' that needs to be seen in 
the DFZ?

It is trivial to leak deaggregates to one's providers 
tagged NO_EXPORT. Beyond the radius of $s flowing, what 
is 'legitimate'?  And 'company already doing it at a 
flag day' or 'company who employs $person' aren't 
acceptable answers.  

The litmus test of 'breaks reachability' isn't much of a 
bar, as people are going out of their way to do that with
no discernable benefit. 

Likely some combination of 'breaks reachability' and 'not 
trivially reduced by as-path' needs to be concocted, as 
there are many many trivial examples that from N arbitrary 
ASNs away have no differentiation in path. I'm not even 
talking about 'global corporation carving their legacy 
allocations up' or 'global entity behind nat/firewall 
exposing small slices as DMZes'... off the top of my head, 
Nestle US:

route-views.oregon-ix.net>sho ip bgp 165.131.0.0/16 lo | inc /
*  165.131.118.0/23 196.7.106.245            0             0 2905 701 7018 31880 ?
*  165.131.124.0/23 196.7.106.245            0             0 2905 701 7018 31880 ?
*  165.131.174.0/23 196.7.106.245            0             0 2905 701 7018 31880 ?
route-views.oregon-ix.net>sho ip bgp quote-reg "_31880" | inc /
*  165.131.118.0/23 196.7.106.245            0             0 2905 701 7018 31880 ?
*  165.131.124.0/23 196.7.106.245            0             0 2905 701 7018 31880 ?
*  165.131.174.0/23 196.7.106.245            0             0 2905 701 7018 31880 ?
route-views.oregon-ix.net>sho ip bgp quote-reg "_31880" | ex 7018
BGP table version is 23826096, local router ID is 198.32.162.100
Status codes: s suppressed, d damped, h history, * valid, > best, i -
internal,
              S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
route-views.oregon-ix.net>

joe

-- 
             RSUC / GweepNet / Spunk / FnB / Usenix / SAGE

More information about the inet-ops mailing list