Iljitsch van Beijnum <iljitsch@muada.com> wrote:
But not allowing BGP -> IGP -> BGP might be a good one. On the other hand, someone who is determined to screw up could do BGP -> IGP on one router and IGP -> BGP on another.
I've seen that done. And usefully. The case involved an AGS+ (BGP speaking) and IGS (with too little memory to run anything later than IOS 8.3, but after the PALs required to do memory upgrades on IGSs had been discontinued by Cisco) and a peering across a serial link, but could just as easily happen with today's routers -- eg, two small ISPs peering over a Cisco 827. Any feature can be useful, but you just have to be very careful and very aware of what you're doing and why it is evil. If you can carefully select the routes via, say, nexthop, filter them correctly and know what ASN to insert them into, then you can use an IGP to transport routes between two ASNs (or more, if you match various nexthops and use them to insert into different ASNs). Imagine ISP A and ISP B are BGP-speakers with only a small amount of peering traffic, and an asymmetric flow (say ISP B is a small, modem customer only ISP, and ISP A have a bit of content and a slightly larger customer base). Now say ISP A and ISP B peer for some reason, and ISP A uses BGP as their only interstate routing protocol, so they need the routes to appear in their BGP table. ISP B could be using a Cisco 827 (RIPv2 only) to connect to ISP A's ADSL product via L2TP. ISP A could be putting ISP B into a VRF and then forwarding them off to a small router (eg, an old 1000-series, with an IOS before BGP was removed from them[1]), which they peer via BGP back to their regular network (having configured it in ISP B's ASN), and insert the routes (after filtering) from RIPv2 into BGP. And before you say no ISP would be crazy enough to peer with a 1003 and 827 in the peering path, I refer you to http://peer.sensation.net.au/ (a NAP using 33k and 56k modems, or 'NAPette' as the organizer calls it). Of course, this is probably a good argument -not- to support IGP into BGP distribution, because someone might use it for something like the above! :-) David. [1] example router thrown in because it lines up so well with the dodgyness of the example usage :-) besides, 1003s look cool [substitute any other 1000-series.