On Wed, 11 Feb 1998, Joe Shaw wrote:
I thought all responsible parties (like Sprint) filtered their customer routes. I know I can't advertise or leak out anything to MCI or UUNet that I havn't registered with them. I've heard in the past that Sprints route acceptance policy was a little on the trusting side, but not filtering your customers announcements is just silly. They (sprint) should only allow their customers to advertise their registered IP space and stop things like this from happening.
I'm looking at Sprint's BGP policy (http://www.sprint.net/bgppolicy.htm) and it appears that they are way too trusting. They expect their customers to do everything right, and for someone with little or no knowledge of setting up BGP, they could quickly cause havoc for Sprint's or other carriers' networks. This is especially interesting since they offer no BGP help what so ever according to this document. Also according to this document, the customer is responsible for all filtering, which is an extremely poor practice. I wonder how long it will take for a Sprint customer to advertise a default route out and I wonder how many sites it would effectively blackhole.
Regards, Joe Shaw - jshaw@insync.net NetAdmin - Insync Internet Services
We multihomed with Sprint around the beginning of October. Sprintlink will do either AS or IP based filters to their BGP peers. From their bgpform.txt: --- 8. Do you prefer AS (see 8a) or IP (see 8b) based filters*? [ ] AS filters - answer question 8a [*] IP filters - answer question 8b * All customers are filtered based on either AS path or IP address. AS filters allow customers to announce any blocks they acquire but can lead to problems if the customer configuration announces other provider routes to us (creating transit across the customer) or our own routes back to us (creating a black hole). IP filters allow customers to modify the AS announcements. Both methods have their advantages and we prefer to set up IP filters because it makes the customer configurations simpler and avoids possible transit/black hole problems. --- If the customer has chosen AS based filtering then they can announce any addresses at will, causing this type of problem. Incidently, we chose IP filtering :-). David.Schmidt@ior.com Internet Ventures, Inc. (509)622-2878 x238 Spokane, Washington http://www.perki.net/ (509)622-2872 (fax)