I'm not clear on the distinction -- but since the first location we want to do this would be based in San Francisco, I'm referring mostly to mae-west, the pacbell nap, and CIX.
Only one of these is an NSF NAP (PAC*BELL in San Francisco).
Generally for each connection to each provider, you would have to set up BGP.
Yeah, definately. But most backbones seem to have "customer routes" as an option, and if I trust them enough to get those routes correct then I will hopefully not have to bother with extreme amounts of filtering.
If you pursue getting that option, there will still be some routes that you will get via a transit connection that will have to pass through some interconnect. That means you are still going to to depend on some interconnect somewhere. Of course, if you don't have a transit agreement anywhere, you just won't see these routes at all.
It's pretty easy to enforce "no transit" at the packet filtering level -- only packets destined for my nets will be allowed in. Is there some other aspect of filtering I'm forgetting about? We have a dedicated and backup network engineer at any rate. The border router would be a cisco 7200 or 7500 series with 128Mb.
The main thing is to insure that you don't get route announcements from places you don't expect them and that you do get them from places you do expect them. Expectations will change from time to time as changes in the routing mesh do occur. That means that your routing folks will have to monitor for such changes and make adjustments from time to time. The RA (and others) have been doing such monitoring and you can get some idea how such things affect you by looking at some of their work. -- Stan | Academ Consulting Services |internet: sob@academ.com Olan | For more info on academ, see this |uucp: {mcsun|amdahl}!academ!sob Barber | URL- http://www.academ.com/academ |Opinions expressed are only mine.