On Thu, 15 Aug 2002, Richard A Steenbergen wrote:
> If you're using a Cisco, and they leak, their session stays down until a human clears it. It also does very little to prevent leaking of a single route (like one of Phil Rosenthal's /24s), impacting someone else. As a customer, I would always insist on being prefix-listed and not prefix-limited.
The intent of this discussion isn't whether prefix-filtering is appropriate or not. It is up to the individual ISP to determine what degree of filtering is appropriate for their BGP customers. However, for ISPs that do NOT use any sort of prefix filters, wouldn't you prefer that your BGP session was limited to a number of prefixes, in case of a routing leak? While leaking a /24 may be impacting, it (in most circumstances, don't beat me up over this one) is not nearly as impacting as leaking a whole routing table.
> I far prefer a prefix list automatically built from IRR entries, with a NOC and even a website capable of triggering a manual update if you need to get routes out now. It's all a bit of a hack, but it's workable. IMHO AS Path filters are useless and redundant if you have proper prefix-lists.
I would also prefer prefix lists that were built automatically from an IRR, with a manual update feature... If you find a provider who can claim to do this, let me know :) The best I've found is providers who can manually add entries into the filters, and let them update off the IRR once you've added the proper route object. Most providers that I've dealt with (that configure off an IRR) won't even touch their filters, and will only allow the once a day update.

Joe
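The difference between prefix-limiting and prefix-listing discussed in this thread, as an added example that is not part of the original messages: a prefix list is built from IRR route objects and the same announcements are run through both policies. The RPSL text, the AS numbers, the limit of 10 and the function names are all constructed for illustration.

```python
import ipaddress

# Constructed RPSL route objects (documentation prefixes/ASNs, not registry data).
IRR_DUMP = """\
route:   192.0.2.0/24
origin:  AS64500

route:   198.51.100.0/24
origin:  AS64500

route:   203.0.113.0/24
origin:  AS64501
"""

def prefix_list_from_irr(rpsl, origin_as):
    """Collect route: prefixes whose origin: is the customer's AS."""
    allowed = set()
    for block in rpsl.strip().split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            if ":" in line:
                key, value = line.split(":", 1)
                attrs[key.strip().lower()] = value.strip()
        if "route" in attrs and attrs.get("origin", "").upper() == origin_as.upper():
            allowed.add(ipaddress.ip_network(attrs["route"]))
    return allowed

def apply_prefix_list(announced, allowed):
    """Exact-match filter: returns (accepted, rejected); the session stays up."""
    nets = [ipaddress.ip_network(p) for p in announced]
    return [n for n in nets if n in allowed], [n for n in nets if n not in allowed]

def apply_prefix_limit(announced, limit):
    """Limit only: everything is accepted until the count exceeds the limit."""
    if len(announced) > limit:
        return "session-down", []
    return "up", [ipaddress.ip_network(p) for p in announced]

if __name__ == "__main__":
    allowed = prefix_list_from_irr(IRR_DUMP, "AS64500")
    # Customer AS64500 sends its own two routes plus one /24 it does not hold.
    leak = ["192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24"]
    print("prefix-limit 10:", apply_prefix_limit(leak, 10))
    print("prefix-list:    ", apply_prefix_list(leak, allowed))
    # A constructed 5000-route leak standing in for a large table leak.
    table = [str(n) for n in list(ipaddress.ip_network("10.0.0.0/8").subnets(new_prefix=24))[:5000]]
    print("prefix-limit 10 on table leak:", apply_prefix_limit(table, 10)[0])
```

The single leaked /24 passes the limit untouched and is dropped only by the prefix list, while the large leak is the case the limit catches, at the cost of the whole session.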