[outages] Optus/Akamai

[Steve Meuse]

Are people using max-prefix for iBGP sessions?

That seems.....unwise.

-Steve



On Thu, Nov 9, 2023 at 1:24 AM Gert Doering via Outages <outages at outages.org>
wrote:

> Hi,
>
> On Wed, Nov 08, 2023 at 03:25:13PM -0600, Aaron Wendel via Outages wrote:
> > That makes no sense.  How would tripping the max prefix on a single peer
> cause
> > a major outage?
>
> If you have
>
>   client --> border router -> route reflector -> all other BGP speakers
>
> and the "RR -> BGP speakers" sessions get tripped due to "client sending
> in too many new routes", then your whole network will fall apart until
> you can shutdown that initial BGP session (or re-provision the other
> sessions, which might not work due to "there is no connectivity to
> the management systems, because, BGP is down").
>
> *Iff* this happens, and you do not have working OOB access including
> being able to do local config changes on the routers ("all configs are
> done by the automatization, no local access possible"), such a problem will
> be extremely messy to recover.  Especially figuring out *what* happened,
> if you have no visibility because the routers have lost the route to your
> syslog servers....
>
> gert
> --
> "If was one thing all people took for granted, was conviction that if you
>  feed honest figures into a computer, honest figures come out. Never
> doubted
>  it myself till I met a computer with a sense of humor."
>                              Robert A. Heinlein, The Moon is a Harsh
> Mistress
>
> Gert Doering - Munich, Germany
> gert at greenie.muc.de
> _______________________________________________
> Outages mailing list
> Outages at outages.org
> https://puck.nether.net/mailman/listinfo/outages
>


-- 

-Steve
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/outages/attachments/20231109/cb3c6508/attachment.htm>