On Aug 2, 2012, at 10:31 AM, Brandt, Ralph wrote:
The misconfiguration cost is usually not calculable in itself. But I think the more important issue is, "How do we prevent it?" I would spend more time on prevention than assessing the cost.
Lots of people have developed best practices on these topics. The problem is pushing against the business side and keeping these in place, and not letting the bar be low at your upstream and peers. There is a secondary issue that is yet still unaddressed. Some vendors still send all routes they receive out to all external peers in the absence of a policy. This is something I want to see corrected as it will require a bit more intelligence when it comes to BGP policy to provide the expected behavior. - Jared