North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Route filters, IRRs, and route objects
- From: Przemyslaw Karwasiecki
- Date: Wed Mar 27 15:16:32 2002
This is true, and I am using cisco prefix list already,
and "upto" notation on juniper boxes.
The problem is that some providers (like LEVEL3)
requires that all routes are registered in some IRR
before they will consider them valid/legitimate....
So I have filters accepting from my customers whatever le 24,
but once those routes are propagated over Internet and they
reach eventually providers like Level3, they have their filters
accepting only those routes, which are registered on some IRR
in exact way....
On Wed, 2002-03-27 at 14:56, Rob wrote:
> this can be easily achieved on ciscos (IOS 11.3.1 and up) by using prefix lists. note the following example:
> ip prefix-list 1 permit 10.0.0.0/18 le 24
> the le 24 at the end indicates that this line of the prefix list will allow any prefix less than or equal to 24 within the 10.0.0.0/18 block. apply this inbound to your bgp neighbor and there is your filter. for this particular example, you could use any number from 19 to 32 to indicate how long of a prefix you will allow.
> i hope this answers your question. cheers!
> Przemyslaw Karwasiecki [firstname.lastname@example.org] wrote:
> > Hello,
> > I would like to ask you for an advice in regards to
> > "proxy registering" of customer route objects in IRR.
> > What is the best current practice in a situation,
> > when your customers want to advertise to you several
> > /18 or /19 but they also have a requirement to be able
> > to advertise some deaggregated routes on top of aggregates.
> > It is very common that they are unable to predict exactly
> > which deaggregated routes they will need to advertise,
> > as they use those to achieve some traffic engineering
> > objectives which change over time. And "over time" does
> > NOT occur once per 30 minutes or so, so they DON'T
> > generate any major BGP fluctuations.
> > Forgive my ignorance, but is my understanding of RPSL
> > correct, that it should be possible to specify routes
> > in a way which will allow cover aggregate plus whole
> > set of possible more specific routes upto certain netmask
> > length. Something like: 10.0.0.0/18^18-24
> > So why this is uncommon to use such notation to describe
> > routing policy, and use it to generate filters?
> > Why it is required by some providers to generate explicit,
> > exact route objects, in order to allow routes through
> > their filters?
> > Is it really necessary to "explode" route-sets like
> > those 10.0.0.0/m^m-n into 2^(n-m+1) separate route objects
> > to meet requirements of some providers?
> > I believe that this is very common problem, so if there
> > are any places on the web with some "best practice"
> > documents, please point me to them.
> > Thank you,
> > Przemek