Of course it would work, but if I lose BGP I don't want to use it. Could do track, etc but getting a default is just an easy way to do it. Obviously we have multiple BGP peers, can't imagine just having one.
On Mon, May 16, 2016 at 12:03 PM, Faisal Imtiaz <fai...@snappytelecom.net> wrote: > What I meant to ask is ..... > > Why get the default route via BGP from your Upstream... Why not set is > statically (ip sla track, or monitor gateway etc). > > IF your bgp sessions goes down, then your prefixes are withdrawn anyway.. > so I am not sure what that will cover you for.. > > In regards to OSPF redistributing default routes, I believe managing a > statically done default route is easier and safer to inject and manage, vs > one coming from your upstream. > > Faisal Imtiaz > Snappy Internet & Telecom > 7266 SW 48 Street > Miami, FL 33155 > Tel: 305 663 5518 x 232 > > Help-desk: (305)663-5518 Option 2 or Email: supp...@snappytelecom.net > > ------------------------------ > > *From: *"Cassidy B. Larson" <c...@infowest.com> > *To: *af@afmug.com > *Sent: *Monday, May 16, 2016 11:18:16 AM > *Subject: *Re: [AFMUG] Upstream BGP Questionairre > > We do a cisco ip sla track to make sure BGP is up on the upstream facing > interface for the static default to be valid. > > On May 16, 2016, at 9:04 AM, Faisal Imtiaz <fai...@snappytelecom.net> > wrote: > Interesting.... Carl, doing a manual static default route does not do the > trick for you ? > > Regards. > > Faisal Imtiaz > Snappy Internet & Telecom > 7266 SW 48 Street > Miami, FL 33155 > Tel: 305 663 5518 x 232 > > Help-desk: (305)663-5518 Option 2 or Email: supp...@snappytelecom.net > <supp...@snappytelecom.net> > > ------------------------------ > > *From: *"Carl Peterson" <cpeter...@portnetworks.com> > *To: *af@afmug.com > *Sent: *Monday, May 16, 2016 10:42:35 AM > *Subject: *Re: [AFMUG] Upstream BGP Questionairre > > For #3, I generally ask for full route + a default. The default is for > default information originate for OSPF. If there isn't a default in the > routing table, my edge router won't advertise a default to non-bgb ospf > peers. You don't want a static default in case the peer goes down. > > > On Mon, May 16, 2016 at 7:20 AM, Josh Baird <joshba...@gmail.com> wrote: > >> Many providers refer to this as 'RTBH' (remotely triggered blackhole >> filtering). >> Josh >> >> On Sun, May 15, 2016 at 10:21 PM, That One Guy /sarcasm < >> thatoneguyst...@gmail.com> wrote: >> >>> that request, lacking my fundamental understanding of the terminology, >>> would be phrased how? >>> >>> On Sat, May 14, 2016 at 5:56 PM, Josh Baird <joshba...@gmail.com> wrote: >>> >>>> Yes, it requires your upstream to support a blackhole BGP community. >>>> This allows you to advertise host routes (/32 or smaller) to them using a >>>> specific BGP community when you want your ISP to drop all traffic for the >>>> prefix before it reaches you. This is -very- useful for DDoS defense. >>>> Josh >>>> >>>> On Sat, May 14, 2016 at 4:16 PM, That One Guy /sarcasm < >>>> thatoneguyst...@gmail.com> wrote: >>>> >>>>> That requires something specific? >>>>> On May 14, 2016 7:33 AM, "Erich Kaiser" <er...@northcentraltower.com> >>>>> wrote: >>>>> >>>>>> We have started requiring our upstreams to filter by ASN vs >>>>>> Netblock. We are moving away from upstreams that do not utilize IRR >>>>>> Entries and require intervention every time we want to make a change, but >>>>>> it is continuous for us, so for most guys the one time setup is not a big >>>>>> deal, plus the upstream has to be trusting enough that we will have the >>>>>> correct filtering on our end. >>>>>> >>>>>> Steve, I would add Blackhole BGP community or session to your list. >>>>>> >>>>>> Erich Kaiser >>>>>> The Fusion Network >>>>>> er...@gotfusion.net >>>>>> Office: 630-621-4804 >>>>>> Cell: 630-777-9291 >>>>>> On Sat, May 14, 2016 at 6:34 AM, Paul Stewart <p...@paulstewart.org> >>>>>> wrote: >>>>>> >>>>>>> Or, quite a number of carriers (especially in APAC, some carriers in >>>>>>> Canada, a few in the US, and definitely a large number in Europe) will >>>>>>> say >>>>>>> “do you have an IRR entry at RADB?” and if you say yes then they will >>>>>>> use >>>>>>> the route object information but if you say no then they will tell you >>>>>>> to >>>>>>> open a ticket with their NOC each time you have a prefix to add/remove >>>>>>> …. >>>>>>> >>>>>>> >>>>>>> I’m actually surprised by the number of transit providers that >>>>>>> don’t’ support automation via IRR >>>>>>> >>>>>>> >>>>>>> Paul >>>>>>> >>>>>>> >>>>>>> >>>>>>> *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *Faisal >>>>>>> Imtiaz >>>>>>> *Sent:* May 13, 2016 9:25 PM >>>>>>> *To:* af@afmug.com >>>>>>> *Subject:* Re: [AFMUG] Upstream BGP Questionairre >>>>>>> >>>>>>> >>>>>>> Let me clarify this a bit more... >>>>>>> >>>>>>> >>>>>>> You are recommending that one creates it's own AS Object in the >>>>>>> IRR..(aka learns and manages their own RR entries) (it really does not >>>>>>> matter which IRR it is, at the end of the day they are all sort of >>>>>>> synced, >>>>>>> it is only a question of who is maintaining it, and who can provide >>>>>>> help to >>>>>>> newbies). .. BTW, I agree with this.. however .... >>>>>>> >>>>>>> >>>>>>> Cause at the end of the day, someone in the up-stream is very likely >>>>>>> to create the record for you, if it is needed by them... >>>>>>> >>>>>>> This is one of those things that most carriers find... "too much >>>>>>> trouble to teach vs just do it for that network !" >>>>>>> >>>>>>> >>>>>>> :) >>>>>>> >>>>>>> >>>>>>> Regards. >>>>>>> >>>>>>> >>>>>>> Faisal Imtiaz >>>>>>> Snappy Internet & Telecom >>>>>>> 7266 SW 48 Street >>>>>>> Miami, FL 33155 >>>>>>> Tel: 305 663 5518 x 232 >>>>>>> >>>>>>> Help-desk: (305)663-5518 Option 2 or Email: >>>>>>> supp...@snappytelecom.net >>>>>>> >>>>>>> ------------------------------ >>>>>>> >>>>>>> *From: *"George Skorup" <geo...@cbcast.com> >>>>>>> *To: *af@afmug.com >>>>>>> *Sent: *Friday, May 13, 2016 7:15:26 PM >>>>>>> *Subject: *Re: [AFMUG] Upstream BGP Questionairre >>>>>>> >>>>>>> I recommend adding your route or AS objects in ARIN's IRR. Merit >>>>>>> RADb is not free. Most carriers use RADb, and RADb mirrors ARIN's IRR >>>>>>> anyway. >>>>>>> >>>>>>> On 5/13/2016 3:49 PM, Faisal Imtiaz wrote: >>>>>>> >>>>>>> See answers in-line below:- >>>>>>> >>>>>>> >>>>>>> Faisal Imtiaz >>>>>>> Snappy Internet & Telecom >>>>>>> 7266 SW 48 Street >>>>>>> Miami, FL 33155 >>>>>>> Tel: 305 663 5518 x 232 >>>>>>> >>>>>>> Help-desk: (305)663-5518 Option 2 or Email: >>>>>>> supp...@snappytelecom.net >>>>>>> >>>>>>> ------------------------------ >>>>>>> >>>>>>> *From: *"That One Guy /sarcasm" <thatoneguyst...@gmail.com> >>>>>>> <thatoneguyst...@gmail.com> >>>>>>> *To: *af@afmug.com >>>>>>> *Sent: *Friday, May 13, 2016 11:35:10 AM >>>>>>> *Subject: *[AFMUG] Upstream BGP Questionairre >>>>>>> >>>>>>> Im going to expose the breadth of my incompetence here, but there >>>>>>> are some questions in this document I want to make sure im answering >>>>>>> accurately >>>>>>> >>>>>>> 1. Are you the owner of the AS Number with RIR- This im assuming is >>>>>>> our ARIN direct allocation? >>>>>>> >>>>>>> They are asking if you have a AS # assigned to you from ... (would >>>>>>> be ARIN for North America). >>>>>>> >>>>>>> 2. Are you registered with an Internet Routing Registry? - Im not >>>>>>> sure what this is, is this also ARIN or do I need to register something >>>>>>> elsewhere? >>>>>>> >>>>>>> Routing Registry.... it is a way to build authorized prefixes from a >>>>>>> DataBase... >>>>>>> >>>>>>> You can read up about it from here >>>>>>> https://www.arin.net/resources/routing/ >>>>>>> >>>>>>> >>>>>>> Justin Wilson did a blog about it too... >>>>>>> http://www.mtin.net/blog/?p=245 >>>>>>> >>>>>>> >>>>>>> and yes ARIN also provides a Routing Registry Service ... (along >>>>>>> with a few others) >>>>>>> >>>>>>> >>>>>>> 3. Which type of routes do you want to receive? - Full routes is >>>>>>> what we want, but are there caveats in this answer I need to be prepared >>>>>>> for? >>>>>>> >>>>>>> >>>>>>> >>>>>>> No Caveats, as long as your equipment is able to take full routes, >>>>>>> then do so. >>>>>>> >>>>>>> >>>>>>> >>>>>>> 4. Do you have downstream ASNs? - I assume this would be customers >>>>>>> with their own allocations? We currently do not, but do not want to >>>>>>> close >>>>>>> the door on that in the future. Is this something easily updated in the >>>>>>> future? >>>>>>> >>>>>>> Answer this question in the Present.. (you don't have any so say >>>>>>> no)... no future door is closed due to this... this is just info asked / >>>>>>> collected for the upstream to be able to build their ACL filters.... >>>>>>> (This >>>>>>> is also a flag for them to collect your BGP LOA's as well as your >>>>>>> Customers >>>>>>> to you..) >>>>>>> >>>>>>> >>>>>>> This becomes a mute topic, if you are versed in using the Routing >>>>>>> Registry and maintaining your own Route Objects etc. >>>>>>> >>>>>>> >>>>>>> >>>>>>> 5. List all prefixes to be announced so that we can confirm the BGP >>>>>>> ACL prior to activation: We only have a /22, but we do want the option >>>>>>> down >>>>>>> the road to pull /24 from one provider if need be. Would we list the >>>>>>> /24s >>>>>>> independently or the /22 as the aggregate? >>>>>>> >>>>>>> >>>>>>> >>>>>>> You want to ask them for the following:- >>>>>>> >>>>>>> >>>>>>> xx.xx.xx.xx/22 please use the 'le 24' option with the filter. >>>>>>> >>>>>>> >>>>>>> Note: this will have them build a filter that can accept larger >>>>>>> prefixes between 24 - 22, so it is not a 'specific' filter... >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> 6. MD5 Password: On this is it standard practice to use the same >>>>>>> password with all providers or different ones? >>>>>>> >>>>>>> >>>>>>> Your choice... either way.... no big deal, as long as you keep track >>>>>>> of them. >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> >>>>>>> If you only see yourself as part of the team but you don't see your >>>>>>> team as part of yourself you have already failed as part of the team. >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>> >>>> >>> >>> >>> -- >>> If you only see yourself as part of the team but you don't see your team >>> as part of yourself you have already failed as part of the team. >>> >> >> > > > -- > > > > > > -- Carl Peterson *PORT NETWORKS* 401 E Pratt St, Ste 2553 Baltimore, MD 21202 (410) 637-3707
