<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>It sounds like they are blocking a host on your network, by dropping a null route into their routing table for something as little as a /32<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>That null route is then leaking into BGP, and being aggregated, as they are seeing your /22 from somewhere else, they are then re-announcing this.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>DODO likely DO have route-filters setup. (But Telstra, why have you not learnt ?)<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>What I suggest is happening is that DODO Trust their own local routing tables (i.e. router to router subnets), and anything that they are originating locally (Like a null route) is then considered trusted, and allowed through BGP.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>DODO, instead of trusting your local originating routing table, you should create a manual list of what you consider ‘LOCAL’ or originating prefixes from the inside of your network itself (i.e. not learnt routes), and then filter your local routing table against this list, too, before advertising your BGP Null routes.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>S.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>PS.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'> A question for any peering guru’s on this list, are ALL of the major Aussie IX’s performing route-filtering on the route reflectors to guard against routes like this leaking into the IX?<br>(i.e. PIPE, EQUINIX, and WAIA’s various peering IX’s?)<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><br><br><o:p></o:p></span></p><p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> ausnog-bounces@lists.ausnog.net [mailto:ausnog-bounces@lists.ausnog.net] <b>On Behalf Of </b>Sheng Yeo<br><b>Sent:</b> Wednesday, May 02, 2012 10:04 AM<br><b>To:</b> Craig Askings<br><b>Cc:</b> ausnog@lists.ausnog.net<br><b>Subject:</b> Re: [AusNOG] Issue getting routes from Telstra to 49.156.16.0/22<o:p></o:p></span></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Thanks for all the replies everyone. We advertise everything as /24 subnets as well. <o:p></o:p></p><div><p class=MsoNormal><o:p> </o:p></p><div><p class=MsoNormal>Also, just as a quick note, we are not a customer of either Dodo or Telstra directly so we have no SLA with either of them. <o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>We advertise to Vocus, Equinix and AAPT who then advertise upstream to Telstra. This made it even more difficult to find the right person to speak to as we kept hitting walls as we were not customers of theirs. <o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>Thanks again for all the help. I will give them a call to discuss why this occurred (as I am still waiting for a reply). <o:p></o:p></p></div><div><p class=MsoNormal><br clear=all><o:p></o:p></p><p style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'>Cheers,<o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;background:white'><b><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:#404040'> </span></b><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;background:white'><b><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:#404040'>Sheng Yeo</span></b><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:#404040'>Managing Director</span><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;background:white'><b><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:#E36C0A'>OrionVM Cloud Platform</span></b><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:#404040'> </span><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:#404040'>Mobile: +61 402 098 008</span><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:#404040'>Phone: +61 2 8004 6408</span><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:#404040'>Email: </span><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:blue'><a href="mailto:sheng.yeo@orionvm.com.au" target="_blank">sheng.yeo@orionvm.com.au</a></span><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:#404040'>Web: <a href="http://www.orionvm.com.au/" target="_blank">www.orionvm.com.au</a></span><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:#404040'> </span><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p></o:p></span></p><p style='margin:0in;margin-bottom:.0001pt;background:white'><span style='font-size:8.0pt;font-family:"Arial","sans-serif";color:#404040'>This e-mail message and any attachments contain information that is confidential and may be subject to legal privilege.If you are not the intended recipient, you must not peruse, use, pass on or copy this message or any attachments. If you have received this e-mail in error, please notify us by return e-mail and erase all copies of this message including any attachments.</span><span style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal style='margin-bottom:12.0pt'><br><br><o:p></o:p></p><div><p class=MsoNormal>On 2 May 2012 10:00, Craig Askings <<a href="mailto:craig@askings.com.au" target="_blank">craig@askings.com.au</a>> wrote:<o:p></o:p></p><div><p class=MsoNormal>On 2/05/2012 9:53 AM, Paul Wilkins wrote:<o:p></o:p></p><p class=MsoNormal>You'd expect that after recent events, that Dodo would have had a complete review of their BGP done by a third party expert. Seems strange this hasn't happened.<br><br>Paul Wilkins<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p></div><p class=MsoNormal>I doubt dodo have many if any clients on a SLA, what would their financial incentive to fix this?<br><br>Craig.<br>_______________________________________________<br>AusNOG mailing list<br><a href="mailto:AusNOG@lists.ausnog.net" target="_blank">AusNOG@lists.ausnog.net</a><br><a href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><o:p></o:p></p></div><p class=MsoNormal><o:p> </o:p></p></div></div></div></body></html>