Yes, the customer has an AS number, it's just from the private AS number block, e.g. AS 65000..when the block is routed to the AS running BGP, it is tagged with that ISP's public AS number, and announced to the world in this manner. OK, acknowledged. Clarify, "transiting"? Do you mean one ISP acts as a transit routing domain for another, or for traffic that "traverses" this particular ISP, which one? ~Jay Murphy IP Network Specialist NM State Government IT Services Division PSB – IP Network Management Center Santa Fé, New México 87505 "We move the information that moves your world." “Good engineering demands that we understand what we’re doing and why, keep an open mind, and learn from experience.” “Engineering is about finding the sweet spot between what's solvable and what isn't." Radia Perlman Please consider the environment before printing e-mail -----Original Message----- From: Steve Bertrand [mailto:steve@ipv6canada.com] Sent: Monday, June 07, 2010 4:00 PM To: Murphy, Jay, DOH Cc: Dale Cornman; nanog@nanog.org Subject: Re: Strange practices? On 2010.06.07 17:49, Murphy, Jay, DOH wrote:
"Has anyone ever heard of a multi-homed enterprise not running bgp with either of 2 providers, but instead, each provider statically routes a block to their common customer and also each originates this block in BGP?â€
As stated before...yes this is a common practice.
"One of the ISP's in this case owns the block and has even provided a letter of authorization to the other, allowing them to announce it in BGP as well.â€
Yes, one ISP owns the block, both will aggregate the blocks and announce the blocks to the global internet. BGP attributes will shape best path for routing; i.e., AS-PATH, ORIGIN, LOCAL PREF. MEDS should take care of "leaking" routes.
So, is this design scheme viable? Yes, it is.
I understood the OP's question as one of concern. It sounds to me like one of their ISPs can't/won't/doesn't know how to configure a client-facing BGP session. I've run into this before, and it was due to a lack of understanding/clue of how to peer with a multi-homed client when the client didn't have their own ASN. If that is the case, then I'd be concerned about situations where the link goes down, but the advertisement is not removed from their DFZ-facing sessions, possibly causing a black hole for traffic transiting that ISP. The work involved in co-ordinating two ISPs to detect and protect against this type of situation is far more difficult than just configuring BGP from the client out (imho). Steve Confidentiality Notice: This e-mail, including all attachments is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited unless specifically provided under the New Mexico Inspection of Public Records Act. If you are not the intended recipient, please contact the sender and destroy all copies of this message. -- This email has been scanned by the Sybari - Antigen Email System.