Martin, Christian wrote:
Poor filtering practices. As filter-lists grow in size and complexity, and the AS lists grow, there is the potential for leaks. All it takes is for and inexperienced/tired/clueless operator to turn up a T1 session with a multihomed downstream peer, and neglect the filter-list on their inbound updates. Then, considering that any other peer that advertises an AS that is two hops away has the same preference configured all the way through, we're talking router ID here. The OC3 session that is prefered doesn't see the routes, but they are coming in from other places, including the T1. bgp always-compare-med can help, but not everyone uses it. This can be bad.
What would be helpful, of course, is a series of FAQs that pretty much detail various config options for different-type setups. Freeman's stuff is a start. -- =========================================================================== Jim Jagielski ||| jim@jaguNET.com ||| http://www.jaguNET.com/ "That's no ordinary rabbit... that's the most foul, cruel and bad-tempered rodent you ever laid eyes on"