[snip]
I believe that the implication was that: 1) they're not directly connected to any of the major _US_ backbones, and 2) they're on the other end of a fairly thin hose.
And they can _still_ hose things this badly.
This speaks not well of the architecture involved.
No, no, it speaks _well_ for the architecture - equal opportunity hosage! There is no backone-hasage cabale; all that enter into bgp relationships can have a shot at hurting the net... ObContent: - yes, filters are Good. customers, especially if new to complicated things, should have both as-path and prefix filters placed against them. the questions to ask oneself regarding peers is "how clueful are they, really? and do their procedures allow only these clueful into the boxes? am I willing to tie my performance/reliability/ reputation to theirs in this intimate a fashion? are my bosses willing to do so? " People like to think in terms of the first question, not the last two. - yes, the IRR is good (and yes, their PGP implementation works); giving third parties the ability to verify your organization's "routing intent" cannot be construed as bad -- the data is publicly visible. there's nothing to hide. - yes, filtering doesn't mean not pushing IRR (or other forms of distributed data) on folks. IRR (or ...) doesn't mean not trying to more closely tie authentication/verification vs realtime; present tools are config-only, which aren't dynamic enough for the real net. joe -30-