On Thu, Mar 26, 2020 at 9:50 AM Tom Beecher <beecher@beecher.cc> wrote:
Their device by itself did not leak anything, no. But it was the thing that created the more specifics that were then leaked due to other errors.
"In order to further reduce the likelihood of these problems occurring in the future, we will be adding a feature within Noction IRP to give an option to tag all the more specific prefixes that it generates with the BGP NO_EXPORT community. ***This will not be enabled by default***, due to potential drawbacks; such as customers who use multiple ASes or customers who have eBGP sessions with private ASes, but it will be an option if a customer wants to use it. This way, even if filters fail, more specific prefixes won’t be propagated to external autonomous systems." - https://www.noction.com/blog/route-optimizers (emphasis mine). So, yes, "other errors" - but not tagging these by default with NO_EXPORT is like shipping hand grenades with the pins removed. Yes, some people might not know how to remove them - but these people really shouldn't be touching them to begin with.... W
On Wed, Mar 25, 2020 at 7:50 PM Michel Py <michel.py@tsisemi.com> wrote:
In recent months, I've been trying to bring your attention to BGP optimization.
Is that not the thing that leaked a massive amount of prefixes some time ago ?
Michel.
TSI Disclaimer: This message and any files or text attached to it are intended only for the recipients named above and contain information that may be confidential or privileged. If you are not the intended recipient, you must not forward, copy, use or otherwise disclose this communication or the information contained herein. In the event you have received this message in error, please notify the sender immediately by replying to this message, and then delete all copies of it from your system. Thank you!...
-- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf