They solve a need that isn't reasonably solved any other way that doesn't have similar drawbacks. Some optimizers need to be redesigned to be safer by default. Some networks need to be safer by default as well. ----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com ----- Original Message ----- From: "Mark Tinka" <mark.tinka@seacom.com> To: nanog@nanog.org Sent: Friday, July 31, 2020 8:59:51 AM Subject: Re: BGP route hijack by AS10990 On 30/Jul/20 19:44, Tom Beecher wrote:
It's not like there are scorecards, but there's a lot of fault to go around.
However, again, BGP "Optimizers" are bad. The conditions by which the inadvertent leak occur need to be fixed , no question. But in scenarios like this, as-path length generally limits impact to "Oh crap, I'll fix that, sorry!." Once you start squirting out more specifics, you get to own some of the egg on the face.
For about a year or so, I've been saying that the next generation of network engineers are being trained for a GUI-based point & click world, as opposed to understanding what protocols and CLI do. There is no shortage of annual workshops that teach BGP Multi-Homing. Despite the horror BGP optimizers have displayed in recent years, they seem to be flying off the shelves, still. Is this a clear example of the next generation of network engineers that we are breeding? Mark.