All,

Watching this thread with interest got an idea - let me run it by this list before taking it any further (ie. to IETF). 

How about we learn from this and try to make BGP just a little bit safer ? 

Idea: 

In all stub (non transit) ASNs we modify BGP spec and disable automatic iBGP to eBGP advertisement ? 

Implementation: 

Vendors to allow to define as part of global bgp configuration if given ASN is transit or not. The default is to be discussed - no bias. 

Benefit: 

Without any issues anyone playing any tools in his network will be able to just issue one cli and be protected from accidentally hurting others. Yet naturally he will still be able to advertise his neworks just as today except by explicit policy in any shape and form we would find proper (example: "redistribute iBGP to eBGP policy-X").

We could even discuss if this should be perhaps part of BGP OPEN or BGP capabilities too such that two sides of eBGP session must agree with each other before bringing eBGP up. 

Comments, questions, flames - all welcome :)  

Cheers,
Robert.

PS. Such a definition sure can and likely will be misused (especially if we would just settle on only a single side setting it - but that will not cause any more harm as not having it at all. 

Moreover I can already see few other good options which BGP implementation or BGP spec can be augmented with once we know we are stub or for that matter once it knows it is transit ....