[AusNOG] Downstream BGP Config

McDonald Richards macca at vocus.com.au
Tue May 1 22:45:29 EST 2012


Ok ­ I'll bite.

This is not something you take lightly if you have no experience
implementing it. You need to make sure you secure your boundary so that what
your customer advertises to you is authentic and what you advertise to the
rest of the world is authentic. Failure to do so can lead to very public
outages.

If you really are new to BGP I suggest you watch one of Phillip Smith's BGP
tutorials. The slide deck will point you towards templates etc that will
assist you ­ particularly for Cisco kit.

http://www.nanog.org/meetings/nanog44/abstracts.php?pt=MzAmbmFub2c0NA==&nm=n
anog44

A few things that you should consider:
Max-prefix limits
AS-Path limits
Explicit prefix lists on your customer and if you have a fairly static
network, your upstream carriers and peers
BGP communities, your internal use of them and what your providers will
support (RTBH, prepending etc)
AS-PATH ACLs
"stupidity filters" (ie AS-path filtering tier 1 carriers like Level 3,
Verizon US from domestic multi lateral peering points)

Macca



From:  James Mcintosh <james.mcintosh at rocketmail.com>
Reply-To:  James Mcintosh <james.mcintosh at rocketmail.com>
Date:  Tue, 1 May 2012 01:50:29 -0700 (PDT)
To:  "ausnog at lists.ausnog.net" <ausnog at lists.ausnog.net>
Subject:  [AusNOG] Downstream BGP Config

Hi Noggers,

We use BGP upstream with our upstream carriers but now for the first time we
have been asked by one of our larger customers to allow them to advertise
their own IP block and AS number.

We've never had a customer with this requirement before.

I'm hoping some of the experienced admins on the list could comment on what
we need to consider.

Also a sample config for IOS would be super helpful as my BGP knowledge is
pretty basic.

-James



_______________________________________________ AusNOG mailing list
AusNOG at lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20120501/b20d8b66/attachment.html>


More information about the AusNOG mailing list