On Thu, Aug 15, 2002 at 05:15:04PM -0700, Joe Wood wrote:
> However, I don't really see a reason why ISPs shouldn't implement max-prefixes on their customer sessions; this would not prevent against very small prefix leaks, but would prevent partial and whole routing table leaks that impact many networks.

If you're using a Cisco, and they leak, their session stays down until a human clears it. It also does very little to prevent leaking of a single route (like one of Phil Rosenthal's /24s), impacting someone else.

As a customer, I would always insist on being prefix-listed and not prefix-limited. I far prefer a prefix list automatically built from IRR entries, with a NOC and even a website capable of triggering a manual update if you need to get routes out now. It's all a bit of a hack, but it's workable.

IMHO AS Path filters are useless and redundant if you have proper prefix-lists.

-- 
Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
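
The contrast drawn in the message above, as an added example that is not part of the original post: a prefix list built from IRR route objects versus a max-prefix limit, run over the same announcements. The RPSL text, ASNs, prefixes and function names are constructed for illustration, and the prefix list is assumed to be exact-match.

```python
import ipaddress

# Constructed RPSL route objects, in the shape an IRR whois query returns.
IRR_DUMP = """\
route:   192.0.2.0/24
origin:  AS64500
source:  EXAMPLE

route:   198.51.100.0/24
origin:  AS64500
source:  EXAMPLE

route:   203.0.113.0/24
origin:  AS64511
source:  EXAMPLE
"""

def build_prefix_list(rpsl_text, customer_asns):
    """Collect route: prefixes whose origin: is one of the customer's ASNs."""
    allowed = set()
    for obj in rpsl_text.split("\n\n"):
        attrs = {}
        for line in obj.splitlines():
            key, sep, value = line.partition(":")
            if sep:
                attrs[key.strip().lower()] = value.strip()
        if "route" in attrs and attrs.get("origin", "").upper() in customer_asns:
            allowed.add(ipaddress.ip_network(attrs["route"]))
    return allowed

def max_prefix_filter(announced, limit):
    """Prefix limit: accept everything, or tear the session down (None)."""
    return None if len(announced) > limit else list(announced)

def prefix_list_filter(announced, allowed):
    """Exact-match prefix list: drop unregistered routes, keep the session."""
    accepted, rejected = [], []
    for p in announced:
        net = ipaddress.ip_network(p)
        (accepted if net in allowed else rejected).append(p)
    return accepted, rejected

ALLOWED = build_prefix_list(IRR_DUMP, {"AS64500"})
# Constructed announcement set: two registered routes plus one leaked /24.
ANNOUNCED = ["192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24"]

if __name__ == "__main__":
    print("max-prefix 10:", max_prefix_filter(ANNOUNCED, 10))
    print("prefix-list:  ", prefix_list_filter(ANNOUNCED, ALLOWED))
```

The leaked /24 passes the limit of 10 untouched, while the prefix list rejects only that route and leaves the two registered ones flowing.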