On Thu, Aug 31, 2017 at 11:24 AM, Leo Bicknell <bicknell@ufp.org> wrote:
In a message written on Thu, Aug 31, 2017 at 12:50:58PM +0200, Jörg Kost wrote:
What about adding an option to the BGP session that A & B do agree on a fixed number of prefixes in both directions, so B's prefix-in could be A's prefix-out automatically?
As others have pointed out, that's harder to do, but there's a different reason it may not be desirable.
If a peer sets a limit to tear down the session with no automatic reset, forcing a call to their NOC to get a human to reset it, then it may be advantageous to set your side to tear down at N-1 prefixes. That way you can ensure restoration at the speed of your NOC, and not at the speed of your peer's.
Generally controlling your own destiny is preferred, I agree with that. I think also being able to say: "I shouldn't ever send more than 477 routes, let's round up for ops reasons to 1k max" seems like a great way to make your network safer for the rest of the network. Yes, people (as Job and others noted) could set 'too high' limits... ok, that's their decision to make. Yes, maybe in the 523 prefixes that leak in my example there could be some affected party... I think it's pretty unlikely that there will be wide-scale damage from a small number of routes leaking, there are certainly plenty of documented cases of wide-scale problems from full table leaks though :) Yes, your sessions might bounce or stay down... it's probably better to go down on some peers and have control to get back up on your side, than to cause wide-scale outages due to a full table leak. I'd be in favor of an output max prefix limit knob.