[AusNOG] BGP Question
Alex Samad - Yieldbroker
Alex.Samad at yieldbroker.com
Mon Dec 23 10:20:23 EST 2013
Hi
Currently I peer with 3 transits (2 with primary and backup links). I use 2 Cisco and 1 RouterOS routers in play.
I have been relooking at our BGP setup. Part of that process was to filter right down; having a google and a read, I have come down to these rules.
On the in filter
* block non routable, multicast and loopback
* block 0/1-32 routes (only allow 0/0)
* filter to allow only prefixes with 2 AS
* allow specific prefixes that have a specific AS as the last hop (we have identified certain ASes that our clients are on that we would like to take more than 2 AS prefixes from)
* we add a local pref for all prefixes from 1 transit right now, but I am looking at changing that to just adding local pref for 0/0 instead
* we drop all /24-32 prefixes
On the outbound filter
* only publishing our /24
* block everything else
The main limiter is the Ciscos' amount of memory; for RouterOS I can just reconfigure the VM... With the move from 3 AS to 2 AS, the number of routes went from 400k (or maybe 100K) to 15k roughly.
I'm just about to talk to our transits to send us full BGP tables and a thought occurred to me: if I am filtering a majority of the prefixes, does the peer's router keep trying to send me that info, or does BGP work such that a full table is sent on initiation and then only updates afterwards?
Basically I don't want to have to receive and drop all those prefixes each time the BGP peers update (or each BGP cycle).
Any other comments welcome?
A
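
The inbound rules listed in the message above, modelled as an added example that is not part of the original post and is not router configuration. Assumptions: "0/1-32" is read as any non-default prefix whose network address is 0.0.0.0, "2 AS" as an AS path of at most two entries, "last hop" as the origin AS, the length and bogon denies run before the AS-path checks, and the client ASN and all sample routes are constructed.

```python
import ipaddress

# Ranges the post names: non-routable (RFC 1918), loopback, multicast.
BOGONS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "224.0.0.0/4")]

CLIENT_ORIGINS = {64500}   # hypothetical client ASN (documentation range)
MAX_PATH_LEN = 2           # assumed meaning of "prefixes with 2 AS"

def evaluate(prefix, as_path):
    """Return (accepted, reason) for one route received from a transit."""
    net = ipaddress.ip_network(prefix)
    if net.prefixlen == 0:
        return True, "default route"            # only 0/0 is allowed
    if int(net.network_address) == 0:
        return False, "0/1-32"                  # assumed reading, see lead-in
    if any(net.subnet_of(b) for b in BOGONS):
        return False, "bogon"
    if net.prefixlen >= 24:
        return False, "/24-32"                  # as stated in the post
    if len(as_path) <= MAX_PATH_LEN:
        return True, "short AS path"
    if as_path[-1] in CLIENT_ORIGINS:           # origin AS is last in the path
        return True, "client origin AS"
    return False, "AS path too long"

# Constructed sample routes: (prefix, AS path as received, origin last).
SAMPLE = [
    ("0.0.0.0/0",       [64496]),
    ("0.0.0.0/8",       [64496, 64497]),
    ("10.20.0.0/16",    [64496]),
    ("224.0.0.0/4",     [64496]),
    ("198.51.100.0/24", [64496, 64497]),
    ("203.0.112.0/20",  [64496, 64497]),
    ("198.51.96.0/19",  [64496, 64498, 64500]),
    ("203.0.96.0/20",   [64496, 64498, 64499]),
]

def accepted_prefixes(routes):
    """Prefixes that survive the inbound filter, in input order."""
    return [p for p, path in routes if evaluate(p, path)[0]]

if __name__ == "__main__":
    for prefix, path in SAMPLE:
        ok, reason = evaluate(prefix, path)
        print(f"{prefix:18} {'accept' if ok else 'deny':6} {reason}")
```
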