On Mon, Jun 06, 2016 at 11:41:52AM +0000, Sriram, Kotikalapudi (Fed) wrote:
> I am a co-author on a route-leak detection/mitigation/prevention draft in the IDR WG in the IETF: https://tools.ietf.org/html/draft-ietf-idr-route-leak-detection-mitigation-0...
> Question: Are there other means of conveying this information in common use today (i.e. for prevention of route leaks)?
There is the "human network" approach, where operators share information with each other which can be used to generate config to help block "unlikely" announcements from eBGP neighbors.

For instance AT&T and NTT agreed (through email) that there should be no intermediate networks between 2914 & 7018, therefore NTT blocks announcements that match as-path-regexp '_7018_' on any and all eBGP sessions, except the direct sessions with 7018. NTT calls this concept "peerlocking".

I'll cover this approach at the upcoming NANOG meeting in Chicago: https://www.nanog.org/meetings/abstract?id=2860

Kind regards,

Job
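
The filter rule described in the message above, sketched as an added example that is not part of the original e-mail and is not NTT's configuration. It evaluates the '_7018_' rule per eBGP session over constructed announcements; the names `Announcement`, `peerlock_verdict` and `filter_updates`, the neighbor ASNs (documentation range 64496-64511) and the prefixes are assumptions made for illustration.

```python
# Added illustration of "peerlocking"; not NTT's actual router configuration.
from dataclasses import dataclass

# Protected ASNs: networks that agreed there should be no intermediate AS
# between them and us. 7018 is the example from the message; a real list
# would come from operator-to-operator agreements.
PEERLOCKED = {7018}


@dataclass
class Announcement:
    neighbor_as: int  # ASN of the eBGP neighbor that sent the UPDATE
    prefix: str
    as_path: list     # AS_PATH as integers: leftmost = neighbor, rightmost = origin


def peerlock_verdict(ann, protected=PEERLOCKED):
    """Return ("accept" | "reject", reason) for one received announcement."""
    for asn in ann.as_path:
        # Same effect as as-path regexp '_<asn>_': the protected ASN appears
        # as a whole path element anywhere in the AS_PATH ...
        if asn in protected and ann.neighbor_as != asn:
            # ... and the session is not the direct one with that ASN.
            return ("reject", f"AS{asn} seen via AS{ann.neighbor_as}")
    return ("accept", "no peerlocked ASN learned via a third party")


def filter_updates(updates, protected=PEERLOCKED):
    """Apply the peerlock rule to every announcement; one result row each."""
    return [(u.prefix, u.neighbor_as, *peerlock_verdict(u, protected))
            for u in updates]


# Constructed sample input (documentation prefixes and documentation ASNs).
SAMPLE = [
    Announcement(7018, "192.0.2.0/24", [7018, 64500]),            # direct session
    Announcement(64496, "192.0.2.0/24", [64496, 7018, 64500]),    # 7018 via third party
    Announcement(64496, "198.51.100.0/24", [64496, 64511]),       # unrelated path
    Announcement(64497, "203.0.113.0/24", [64497, 64497, 7018]),  # prepended, 7018 as origin
]

if __name__ == "__main__":
    for row in filter_updates(SAMPLE):
        print(row)
```

Matching on whole path elements mirrors the underscore delimiters in the regexp: an ASN such as 17018 that merely contains the digits 7018 is not rejected.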