[AusNOG] Downstream BGP Config

Skeeve Stevens skeeve+ausnog at eintellego.net
Tue May 1 22:53:36 EST 2012


+10

*Skeeve Stevens, CEO*
eintellego Pty Ltd
skeeve at eintellego.net ; www.eintellego.net

Phone: 1300 753 383 ; Fax: (+612) 8572 9954

Cell +61 (0)414 753 383 ; skype://skeeve

facebook.com/eintellego

twitter.com/networkceoau ; www.linkedin.com/in/skeeve

PO Box 7726, Baulkham Hills, NSW 1755 Australia

The Experts Who The Experts Call
Juniper - Cisco – IBM



On Tue, May 1, 2012 at 22:45, McDonald Richards <macca at vocus.com.au> wrote:

> Ok – I'll bite.
>
> This is not something you take lightly if you have no experience
> implementing it. You need to make sure you secure your boundary so that
> what your customer advertises to you is authentic and what you advertise to
> the rest of the world is authentic. Failure to do so can lead to very
> public outages.
>
> If you really are new to BGP I suggest you watch one of Phillip Smith's
> BGP tutorials. The slide deck will point you towards templates etc that
> will assist you – particularly for Cisco kit.
>
>
> http://www.nanog.org/meetings/nanog44/abstracts.php?pt=MzAmbmFub2c0NA==&nm=nanog44
>
> A few things that you should consider:
> Max-prefix limits
> AS-Path limits
> Explicit prefix lists on your customer and if you have a fairly static
> network, your upstream carriers and peers
> BGP communities, your internal use of them and what your providers will
> support (RTBH, prepending etc)
> AS-PATH ACLs
> "stupidity filters" (ie AS-path filtering tier 1 carriers like Level 3,
> Verizon US from domestic multi lateral peering points)
>
> Macca
>
>
>
> From: James Mcintosh <james.mcintosh at rocketmail.com>
> Reply-To: James Mcintosh <james.mcintosh at rocketmail.com>
> Date: Tue, 1 May 2012 01:50:29 -0700 (PDT)
> To: "ausnog at lists.ausnog.net" <ausnog at lists.ausnog.net>
> Subject: [AusNOG] Downstream BGP Config
>
> Hi Noggers,
>
> We use BGP upstream with our upstream carriers but now for the first time
> we have been asked by one of our larger customers to allow them to
> advertise their own IP block and AS number.
>
> We've never had a customer with this requirement before.
>
> I'm hoping some of the experienced admins on the list could comment on
> what we need to consider.
>
> Also a sample config for IOS would be super helpful as my BGP knowledge is
> pretty basic.
>
> -James
>
>
>
> _______________________________________________ AusNOG mailing list
> AusNOG at lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20120501/65a6026c/attachment.html>


More information about the AusNOG mailing list