Re: OPS: BGP spew from ASN 7374
"Brian Dickson" <briand@teleglobe.net> writes:
Anyone who peers with the CIX and doesn't filter (or peers with anyone and doesn't filter) gets what they deserve. At a minimum, as-path filtering; preferably, prefix filtering based on RADB registrations. IMHO.
Yeah, I know. I deserved that. For reasons best discussed only after consuming large quantities of beer, I hadn't filtered that BGP session. A ticking time bomb that finally went off. With the end of ANS as a seperate network, will there be any network pressure to keep any public routing registry up to date?
But yes, memory, even NVRAM, isn't so expensive, and it would be nice if this were at least field-replaceable or upgradeable (eg, first chip is soldered to the board, but with empty sockets for add-on NVRAM.)
I'd even be willing Cisco memory prices for that!!! ========== Also a reminder, the electric power industry will be conducting a Y2K drill on Friday, April 9, 1999. This is not expected to affect end-customer's electrical service. ftp://ftp.nerc.com/pub/sys/all_updl/docs/pressrel/4-9-99-drillreminder.pdf Next week, April 14, the FCC NRIC committee will be reviewing the telephone industry Y2K tests. http://www.nric.org/ I'm looking forward to the end of 1999. It means no more Y2K presentations. -- Sean Donelan, Data Research Associates, Inc, St. Louis, MO Affiliation given for identification not representation
Sean, SEAN@SDG.DRA.COM said:
With the end of ANS as a seperate network, will there be any network pressure to keep any public routing registry up to date?
Yes. * Several people still peer via the route servers * Several transits filter their customers by RADB or a private RADB which feeds the IRR. If you do either of the above, chaning a public IRR (once) is easier than changing n private databases. The alternative is no filtering. Hopefully natural selection will take its course on transits who do this on a regular basis. -- Alex Bligh GX Networks (formerly Xara Networks)
Alex Bligh wrote:
Sean,
SEAN@SDG.DRA.COM said:
With the end of ANS as a seperate network, will there be any network pressure to keep any public routing registry up to date?
Yes.
* Several people still peer via the route servers * Several transits filter their customers by RADB or a private RADB which feeds the IRR.
Care to name names? With ANS being one of those filtering, and knowing they connect certain large sites (e.g. CNN), it was possible to determine incorrect or improperly pulled RADB data was the cause of connectivity failures. Connectivity failures can and do result when RADB records are not properly updated, which does happen from time to time. They also happened when records WERE properly updated, but the changes made were deemed "too radical" by the software translating the RADB entries into internal databases. Moving a portable prefix from one ASN to another qualified as "too radical" a change, despite it being a semi common occurrence. Having those who use routing registries clearly state this policy somewhere, and state exactly how and when they take the updates would save much aggravation on the part of many.
If you do either of the above, chaning a public IRR (once) is easier than changing n private databases. The alternative is no filtering. Hopefully natural selection will take its course on transits who do this on a regular basis.
If common and consistent tools and rules were used to build filters from a SINGLE public database, and if the database site listed contact information and test addresses for each network using the database, I think folks could live with that. -- ----------------------------------------------------------------- Daniel Senie dts@senie.com Amaranth Networks Inc. http://www.amaranthnetworks.com
* Several people still peer via the route servers * Several transits filter their customers by RADB or a private RADB which feeds the IRR.
Care to name names?
route servers: see http://www.rsng.net/ for a list Transits - I did a survey on NANOG a few months ago as to who filtered and how (both peers and customers). About 50% of those who replied used RADB or another similar database (possibly their own, like CA*NET, MCI/CW, Level3 etc.) for filtering either peers or customers. However, I suspect this number is heavilly skewed in favour of vocal NANOG people who like IRRs. Filtering customers was way more prevalent than filtering peers. I said I'd repost the stuff anonymously, but some contributors often post here and thus may chose to answer your question on or off list.
Connectivity failures can and do result when RADB records are not properly updated, which does happen from time to time. They also happened when records WERE properly updated, but the changes made were deemed "too radical" by the software translating the RADB entries into internal databases. Moving a portable prefix from one ASN to another qualified as "too radical" a change, despite it being a semi common occurrence.
And various people had different solutions to this, the most common being a sort of 2 of 3 approach (RADB change, plus sanity algorithm, plus sanity person).
If you do either of the above, chaning a public IRR (once) is easier than changing n private databases. The alternative is no filtering. Hopefully natural selection will take its course on transits who do this on a regular basis.
If common and consistent tools and rules were used to build filters from a SINGLE public database, and if the database site listed contact information and test addresses for each network using the database, I think folks could live with that.
Well if they could agree on a routing policy language, that would be a fine start. -- Alex Bligh GX Networks (formerly Xara Networks)
If common and consistent tools and rules were used to build filters from a SINGLE public database, and if the database site listed contact information and test addresses for each network using the database, I think folks could live with that.
Well if they could agree on a routing policy language, that would be a fine start. Btw, RADB and RIPE problem is the fact this data bases was not designed to build such lists. Try to extract PREFIX list for AS-DEMOS macro from RIPE - it take you about 30 - 40 minutes and you should doing all recursions yourself. Then try to build complex filter.
RADB abd RIPE are doing good work, but they should be improved to make this _LIST EXTRACTION_ be easy operation (whois -h whois.ripe.net PREFIX-LIST:AS-RELCOM+AS-DEMOS-AS2555 -> 1.2.3.4 255.255.255.0 ... EOF - fast answer). And more and more people use this data bases. And it's bad idea to have SINGLE data base. You have a chance to get new INTERNIC -:).
-- Alex Bligh GX Networks (formerly Xara Networks)
Aleksei Roudnev, Network Operations Center, Relcom, Moscow (+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 230-41-41, N 13729 (pager) (+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)
"Alex P. Rudnev" wrote: [snip]
And it's bad idea to have SINGLE data base. You have a chance to get new INTERNIC -:).
That's certainly an issue... I would settle for a few databases, especially if there was a definitive list of who did filtering (especially filtering outside of their own customers) and valid contact info AND test addresses for each. I'd still like a methodical, reliable way to test a new ASN once brought online. Today one activates and then spends a few weeks waiting for users to find landmines. -- ----------------------------------------------------------------- Daniel Senie dts@senie.com Amaranth Networks Inc. http://www.amaranthnetworks.com
Date: Thu, 8 Apr 1999 17:30:59 +0400 (MSD) From: "Alex P. Rudnev" <alex@Relcom.EU.net> Sender: owner-nanog@merit.edu
Btw, RADB and RIPE problem is the fact this data bases was not designed to build such lists. Try to extract PREFIX list for AS-DEMOS macro from RIPE - it take you about 30 - 40 minutes and you should doing all recursions yourself. Then try to build complex filter.
I guess you have not used the RAToolSet from ISI/Merit. I just extracted the list of prefixes for AS-DEMOS and it took less than 10 seconds using peval. I piped this into a simple Perl script to convert it into an access list and had the list ready to load in under 15 seconds. Or am I totally missing something here? R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634
Alex P. Rudnev (alex@Relcom.EU.net) on April 8:
If common and consistent tools and rules were used to build filters from a SINGLE public database, and if the database site listed contact information and test addresses for each network using the database, I think folks could live with that.
Well if they could agree on a routing policy language, that would be a fine start. Btw, RADB and RIPE problem is the fact this data bases was not designed to build such lists. Try to extract PREFIX list for AS-DEMOS macro from RIPE - it take you about 30 - 40 minutes and you should doing all recursions yourself. Then try to build complex filter.
RADB abd RIPE are doing good work, but they should be improved to make this _LIST EXTRACTION_ be easy operation (whois -h whois.ripe.net PREFIX-LIST:AS-RELCOM+AS-DEMOS-AS2555 -> 1.2.3.4 255.255.255.0 ... EOF - fast answer). And more and more people use this data bases.
It takes about 2 seconds using IRRd/RAToolSet combo. If you wanted this in Cisco prefix format, you could use RtConfig or write a sed script. [cat peval]$ time ./peval -h radb.ra.net -p 43 -protocol irrd AS-DEMOS Warning: key not found error for query !gAS5566. Warning: key not found error for query !gAS8268. Warning: key not found error for query !gAS9113. ({212.92.128.0/18, 212.48.128.0/19, 212.46.0.0/19, 212.40.192.0/19, 212.19.0.0/19, 195.230.64.0/19, 195.209.192.0/19, 195.209.96.0/19, 195.209.112.0/20, 195.209.32.0/19, 195.170.32.0/19, 195.133.0.0/16, 195.112.96.0/19, 195.112.96.0/20, 195.112.112.0/20, 195.98.32.0/19, 195.42.160.0/19, 194.117.64.0/19, 194.87.0.0/16, 194.87.0.0/17, 194.87.128.0/17, 194.87.192.0/18, 194.87.192.0/19, 194.87.224.0/19, 194.87.0.0/18, 194.87.0.0/19, 194.85.224.0/20, 194.85.224.0/21, 194.85.232.0/21, 194.85.236.0/24, 194.85.237.0/24, 194.85.234.0/24, 194.85.235.0/24, 194.85.233.0/24, 194.85.228.0/24, 194.85.229.0/24, 194.85.230.0/24, 194.85.231.0/24, 194.85.226.0/24, 194.85.224.0/24, 194.85.225.0/24, 194.85.208.0/20, 194.85.216.0/24, 194.85.217.0/24, 194.85.218.0/24, 194.85.219.0/24, 194.85.220.0/24, 194.85.221.0/24, 194.85.222.0/24, 194.85.223.0/24, 194.85.219.0/27, 194.85.215.0/24, 194.85.212.0/24, 194.85.208.0/24, 194.85.209.0/24, 194.85.210.0/24, 194.85.211.0/24, 194.85.188.0/24, 194.85.184.0/24, 194.85.113.0/24, 194.85.11.0/24, 193.233.0.0/16, 193.233.224.0/22, 193.233.192.0/20, 193.233.208.0/20, 193.233.160.0/20, 193.233.144.0/22, 193.233.108.0/22, 193.233.80.0/21, 193.233.48.0/21, 193.232.230.0/23, 193.232.192.0/19, 193.232.223.0/24, 193.232.218.0/24, 193.232.219.0/24, 193.232.216.0/24, 193.232.214.0/24, 193.232.212.0/24, 193.232.213.0/24, 193.232.208.0/24, 193.232.209.0/24, 193.232.210.0/24, 193.232.211.0/24, 193.232.206.0/24, 193.232.207.0/24, 193.232.200.0/24, 193.232.201.0/24, 193.232.202.0/24, 193.232.203.0/24, 193.232.196.0/24, 193.232.197.0/24, 193.232.198.0/24, 193.232.199.0/24, 193.232.194.0/24, 193.232.195.0/24, 193.232.81.0/24, 193.232.0.0/19, 193.232.31.0/24, 193.232.28.0/24, 193.232.26.0/24, 193.232.24.0/24, 193.232.25.0/24, 193.232.16.0/24, 193.232.17.0/24, 193.232.18.0/24, 193.232.19.0/24, 193.232.20.0/24, 193.232.21.0/24, 193.232.22.0/24, 193.232.23.0/24, 193.232.0.0/24, 193.232.1.0/24, 193.232.2.0/24, 193.232.3.0/24, 193.232.4.0/24, 193.232.5.0/24, 193.232.6.0/24, 193.232.7.0/24, 193.232.8.0/24, 193.232.9.0/24, 193.232.10.0/24, 193.232.11.0/24, 193.232.12.0/24, 193.232.13.0/24, 193.232.14.0/24, 193.232.15.0/24, 193.124.171.0/24, 193.124.114.0/24, 193.124.3.0/24, 192.124.185.0/24, 192.124.182.0/23, 192.124.180.0/24, 192.124.176.0/24, 192.124.172.0/24, 192.124.173.0/24, 192.124.170.0/23, 192.124.171.0/24, 192.91.186.0/24, 159.93.0.0/16, 157.186.0.0/16, 147.45.0.0/16, 62.76.9.0/24}) 0.06user 0.03system 0:02.27elapsed 3%CPU (0avgtext+0avgdata 0maxresident)k 0inputs+0outputs (356major+70minor)pagefaults 0swaps
And it's bad idea to have SINGLE data base. You have a chance to get new INTERNIC -:).
-- Alex Bligh GX Networks (formerly Xara Networks)
Aleksei Roudnev, Network Operations Center, Relcom, Moscow (+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 230-41-41, N 13729 (pager) (+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)
Cengiz -- Cengiz Alaettinoglu Information Sciences Institute http://www.isi.edu/~cengiz University of Southern California
### On Thu, 8 Apr 1999 17:30:59 +0400 (MSD), "Alex P. Rudnev" ### <alex@Relcom.EU.net> casually decided to expound upon Alex Bligh ### <amb@gxn.net> the following thoughts about "Re: IRRs [was Re: OPS: BGP ### spew from ASN 7374] ": APR> Btw, RADB and RIPE problem is the fact this data bases was not designed APR> to build such lists. Try to extract PREFIX list for AS-DEMOS macro from APR> RIPE - it take you about 30 - 40 minutes and you should doing all APR> recursions yourself. Then try to build complex filter. I've been using RtConfig for a long time. It's part of ISI's RAToolSet and can be used to build cisco as well as gated and rsd filters. #107:<khuon@Espresso>(pts/36)[~]% echo "@RtConfig import AS2118 1.2.3.4/32 AS2578 5.6.7.8/32" | RtConfig -h whois.gctr.net -config cisco -rusage Warning: key not found error for query !gAS5566. Warning: key not found error for query !gAS8268. Warning: key not found error for query !gAS9113. no access-list 1 access-list 1 permit ip 62.76.9.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 147.45.0.0 0.0.0.0 255.255.0.0 0.0.0.0 access-list 1 permit ip 157.186.0.0 0.0.0.0 255.255.0.0 0.0.0.0 access-list 1 permit ip 159.93.0.0 0.0.0.0 255.255.0.0 0.0.0.0 access-list 1 permit ip 192.91.186.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 192.124.170.0 0.0.0.0 255.255.254.0 0.0.0.0 access-list 1 permit ip 192.124.171.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 192.124.172.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 192.124.173.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 192.124.176.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 192.124.180.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 192.124.182.0 0.0.0.0 255.255.254.0 0.0.0.0 access-list 1 permit ip 192.124.185.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.124.3.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.124.114.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.124.171.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.0.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 193.232.0.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.1.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.2.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.3.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.4.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.5.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.6.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.7.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.8.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.9.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.10.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.11.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.12.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.13.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.14.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.15.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.16.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.17.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.18.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.19.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.20.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.21.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.22.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.23.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.24.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.25.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.26.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.28.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.31.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.81.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.192.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 193.232.194.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.195.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.196.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.197.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.198.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.199.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.200.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.201.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.202.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.203.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.206.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.207.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.208.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.209.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.210.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.211.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.212.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.213.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.214.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.216.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.218.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.219.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.223.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 193.232.230.0 0.0.0.0 255.255.254.0 0.0.0.0 access-list 1 permit ip 193.233.0.0 0.0.0.0 255.255.0.0 0.0.0.0 access-list 1 permit ip 193.233.48.0 0.0.0.0 255.255.248.0 0.0.0.0 access-list 1 permit ip 193.233.80.0 0.0.0.0 255.255.248.0 0.0.0.0 access-list 1 permit ip 193.233.108.0 0.0.0.0 255.255.252.0 0.0.0.0 access-list 1 permit ip 193.233.144.0 0.0.0.0 255.255.252.0 0.0.0.0 access-list 1 permit ip 193.233.160.0 0.0.0.0 255.255.240.0 0.0.0.0 access-list 1 permit ip 193.233.192.0 0.0.0.0 255.255.240.0 0.0.0.0 access-list 1 permit ip 193.233.208.0 0.0.0.0 255.255.240.0 0.0.0.0 access-list 1 permit ip 193.233.224.0 0.0.0.0 255.255.252.0 0.0.0.0 access-list 1 permit ip 194.85.11.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.113.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.184.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.188.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.208.0 0.0.0.0 255.255.240.0 0.0.0.0 access-list 1 permit ip 194.85.208.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.209.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.210.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.211.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.212.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.215.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.216.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.217.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.218.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.219.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.219.0 0.0.0.0 255.255.255.224 0.0.0.0 access-list 1 permit ip 194.85.220.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.221.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.222.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.223.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.224.0 0.0.0.0 255.255.240.0 0.0.0.0 access-list 1 permit ip 194.85.224.0 0.0.0.0 255.255.248.0 0.0.0.0 access-list 1 permit ip 194.85.224.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.225.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.226.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.228.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.229.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.230.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.231.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.232.0 0.0.0.0 255.255.248.0 0.0.0.0 access-list 1 permit ip 194.85.233.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.234.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.235.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.236.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.85.237.0 0.0.0.0 255.255.255.0 0.0.0.0 access-list 1 permit ip 194.87.0.0 0.0.0.0 255.255.0.0 0.0.0.0 access-list 1 permit ip 194.87.0.0 0.0.0.0 255.255.128.0 0.0.0.0 access-list 1 permit ip 194.87.0.0 0.0.0.0 255.255.192.0 0.0.0.0 access-list 1 permit ip 194.87.0.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 194.87.128.0 0.0.0.0 255.255.128.0 0.0.0.0 access-list 1 permit ip 194.87.192.0 0.0.0.0 255.255.192.0 0.0.0.0 access-list 1 permit ip 194.87.192.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 194.87.224.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 194.117.64.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 195.42.160.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 195.98.32.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 195.112.96.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 195.112.96.0 0.0.0.0 255.255.240.0 0.0.0.0 access-list 1 permit ip 195.112.112.0 0.0.0.0 255.255.240.0 0.0.0.0 access-list 1 permit ip 195.133.0.0 0.0.0.0 255.255.0.0 0.0.0.0 access-list 1 permit ip 195.170.32.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 195.209.32.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 195.209.96.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 195.209.112.0 0.0.0.0 255.255.240.0 0.0.0.0 access-list 1 permit ip 195.209.192.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 195.230.64.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 212.19.0.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 212.40.192.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 212.46.0.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 212.48.128.0 0.0.0.0 255.255.224.0 0.0.0.0 access-list 1 permit ip 212.92.128.0 0.0.0.0 255.255.192.0 0.0.0.0 access-list 1 deny ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 ! ! no route-map foo route-map foo permit 1 set local-preference 1000 ! route-map foo permit 2 set local-preference 996 Warning: Attempt to assign different local-preference to different routes Warning: based on the destination address prefix may not work due to a Warning: Cisco limitation (upto IOS v 11). Warning: The limitation is that 'match ip address' does not work for inbound Warning: route maps (Cisco will support this in the future). Warning: Use the -force_match_ip_inbound option if it is already supported. Warning: I will generate an approximate config file anyway. ! router bgp 2118 neighbor 5.6.7.8 route-map foo in Resource Usage: times: 0.03u 0.03s 1.16r i/o: 0 0 faults: 0 0 swaps: 0 max size: 0 * 8192 ws size: 0 signals: 0 vo/nv cs: 111 23 #108:<khuon@Espresso>(pts/36)[~]% APR> And it's bad idea to have SINGLE data base. You have a chance to get new APR> INTERNIC -:). I'm not sure what you mean by "SINGLE data base". The movement with regards to the future of the IRR seems to be towards a distributed model non-central authority model. -- /*====================[ Jake Khuon <khuon@GCtr.Net> ]======================+ | Network Statistics Engineer, NSM/Net-Eng /~ |2 () |\| ~|~ | @ |2 | | VOX: +1(408)328-4828 Fax: +1(408)328-4806 _/~ G L & B A L C E N T E R | +============[ 1154 East Arques Avenue, Sunnyvale, CA 94086 ]============+
participants (7)
-
Alex Bligh -
Alex P. Rudnev -
Cengiz Alaettinoglu -
Daniel Senie -
Jake Khuon -
Kevin Oberman -
Sean Donelan