Hi, Max -- On 19/08/2015 17:36, Max Tulyev <maxtul@netassist.ua> wrote:
My solution is:
1. Don't care. 2. If some peer steal your transit, and it is noticeable amount of traffic causing some problems for you - investigate and terminate that peer.
Unless this bandwidth fraud is taking place over a public peering LAN (IX). You could find that a non-peer is “stealing bandwidth”. In which case, tell the IX operator (they *do* care, and *do* want to stop abusive or fraudulent behaviour). You can, if paranoid, apply some l2/3 filters to only hear from expected peers at the IX (which prevents non-peers from pointing statics at you, but not peers though.) How paranoid shall we take it ? You can also - with a small enough customer footprint - perhaps put each peer into their own VRF and apply policies which prohibit forwarding except to customer prefixes. -a