Yeah, that was about the only thing I could come up with as being the most practical reason.... (e.g. when doing bgp on a CCR etc). but even then the logic validity of this as a solution to the problem is questionable, however giving the appearance of a possible solution... I will buy that ..
But then again, I may be just splitting hairs... :) Faisal Imtiaz Snappy Internet & Telecom 7266 SW 48 Street Miami, FL 33155 Tel: 305 663 5518 x 232 Help-desk: (305)663-5518 Option 2 or Email: supp...@snappytelecom.net > From: "Erich Kaiser" <er...@northcentraltower.com> > To: af@afmug.com > Sent: Monday, May 16, 2016 8:03:32 PM > Subject: Re: [AFMUG] Upstream BGP Questionairre > Some people want default route and full routes because of route > propagation/population, this way if your session resets you at least can get > online right away. > Erich Kaiser > North Central Tower > er...@northcentraltower.com > Office: 630-621-4804 > Cell: 630-777-9291 > On Mon, May 16, 2016 at 11:03 AM, Faisal Imtiaz < fai...@snappytelecom.net > > wrote: >> What I meant to ask is ..... >> Why get the default route via BGP from your Upstream... Why not set is >> statically (ip sla track, or monitor gateway etc). >> IF your bgp sessions goes down, then your prefixes are withdrawn anyway.. so >> I >> am not sure what that will cover you for.. >> In regards to OSPF redistributing default routes, I believe managing a >> statically done default route is easier and safer to inject and manage, vs >> one >> coming from your upstream. >> Faisal Imtiaz >> Snappy Internet & Telecom >> 7266 SW 48 Street >> Miami, FL 33155 >> Tel: 305 663 5518 x 232 >> Help-desk: (305)663-5518 Option 2 or Email: supp...@snappytelecom.net >>> From: "Cassidy B. Larson" < c...@infowest.com > >>> To: af@afmug.com >>> Sent: Monday, May 16, 2016 11:18:16 AM >>> Subject: Re: [AFMUG] Upstream BGP Questionairre >>> We do a cisco ip sla track to make sure BGP is up on the upstream facing >>> interface for the static default to be valid. >>>> On May 16, 2016, at 9:04 AM, Faisal Imtiaz < fai...@snappytelecom.net > >>>> wrote: >>>> Interesting.... Carl, doing a manual static default route does not do the >>>> trick >>>> for you ? >>>> Regards. >>>> Faisal Imtiaz >>>> Snappy Internet & Telecom >>>> 7266 SW 48 Street >>>> Miami, FL 33155 >>>> Tel: 305 663 5518 x 232 >>>> Help-desk: (305)663-5518 Option 2 or Email: supp...@snappytelecom.net >>>>> From: "Carl Peterson" < cpeter...@portnetworks.com > >>>>> To: af@afmug.com >>>>> Sent: Monday, May 16, 2016 10:42:35 AM >>>>> Subject: Re: [AFMUG] Upstream BGP Questionairre >>>>> For #3, I generally ask for full route + a default. The default is for >>>>> default >>>>> information originate for OSPF. If there isn't a default in the routing >>>>> table, >>>>> my edge router won't advertise a default to non-bgb ospf peers. You don't >>>>> want >>>>> a static default in case the peer goes down. >>>>> On Mon, May 16, 2016 at 7:20 AM, Josh Baird < joshba...@gmail.com > wrote: >>>>>> Many providers refer to this as 'RTBH' (remotely triggered blackhole >>>>>> filtering). >>>>>> Josh >>>>>> On Sun, May 15, 2016 at 10:21 PM, That One Guy /sarcasm < >>>>>> thatoneguyst...@gmail.com > wrote: >>>>>>> that request, lacking my fundamental understanding of the terminology, >>>>>>> would be >>>>>>> phrased how? >>>>>>> On Sat, May 14, 2016 at 5:56 PM, Josh Baird < joshba...@gmail.com > >>>>>>> wrote: >>>>>>>> Yes, it requires your upstream to support a blackhole BGP community. >>>>>>>> This allows >>>>>>>> you to advertise host routes (/32 or smaller) to them using a specific >>>>>>>> BGP >>>>>>>> community when you want your ISP to drop all traffic for the prefix >>>>>>>> before it >>>>>>>> reaches you. This is -very- useful for DDoS defense. >>>>>>>> Josh >>>>>>>> On Sat, May 14, 2016 at 4:16 PM, That One Guy /sarcasm < >>>>>>>> thatoneguyst...@gmail.com > wrote: >>>>>>>>> That requires something specific? >>>>>>>>> On May 14, 2016 7:33 AM, "Erich Kaiser" < er...@northcentraltower.com >>>>>>>>> > wrote: >>>>>>>>>> We have started requiring our upstreams to filter by ASN vs >>>>>>>>>> Netblock. We are >>>>>>>>>> moving away from upstreams that do not utilize IRR Entries and >>>>>>>>>> require >>>>>>>>>> intervention every time we want to make a change, but it is >>>>>>>>>> continuous for us, >>>>>>>>>> so for most guys the one time setup is not a big deal, plus the >>>>>>>>>> upstream has to >>>>>>>>>> be trusting enough that we will have the correct filtering on our >>>>>>>>>> end. >>>>>>>>>> Steve, I would add Blackhole BGP community or session to your list. >>>>>>>>>> Erich Kaiser >>>>>>>>>> The Fusion Network >>>>>>>>>> er...@gotfusion.net >>>>>>>>>> Office: 630-621-4804 >>>>>>>>>> Cell: 630-777-9291 >>>>>>>>>> On Sat, May 14, 2016 at 6:34 AM, Paul Stewart < p...@paulstewart.org >>>>>>>>>> > wrote: >>>>>>>>>>> Or, quite a number of carriers (especially in APAC, some carriers >>>>>>>>>>> in Canada, a >>>>>>>>>>> few in the US, and definitely a large number in Europe) will say >>>>>>>>>>> “do you have >>>>>>>>>>> an IRR entry at RADB?” and if you say yes then they will use the >>>>>>>>>>> route object >>>>>>>>>>> information but if you say no then they will tell you to open a >>>>>>>>>>> ticket with >>>>>>>>>>> their NOC each time you have a prefix to add/remove …. >>>>>>>>>>> I’m actually surprised by the number of transit providers that >>>>>>>>>>> don’t’ support >>>>>>>>>>> automation via IRR >>>>>>>>>>> Paul >>>>>>>>>>> From: Af [mailto: af-boun...@afmug.com ] On Behalf Of Faisal Imtiaz >>>>>>>>>>> Sent: May 13, 2016 9:25 PM >>>>>>>>>>> To: af@afmug.com >>>>>>>>>>> Subject: Re: [AFMUG] Upstream BGP Questionairre >>>>>>>>>>> Let me clarify this a bit more... >>>>>>>>>>> You are recommending that one creates it's own AS Object in the >>>>>>>>>>> IRR..(aka learns >>>>>>>>>>> and manages their own RR entries) (it really does not matter which >>>>>>>>>>> IRR it is, >>>>>>>>>>> at the end of the day they are all sort of synced, it is only a >>>>>>>>>>> question of who >>>>>>>>>>> is maintaining it, and who can provide help to newbies). .. BTW, I >>>>>>>>>>> agree with >>>>>>>>>>> this.. however .... >>>>>>>>>>> Cause at the end of the day, someone in the up-stream is very >>>>>>>>>>> likely to create >>>>>>>>>>> the record for you, if it is needed by them... >>>>>>>>>>> This is one of those things that most carriers find... "too much >>>>>>>>>>> trouble to >>>>>>>>>>> teach vs just do it for that network !" >>>>>>>>>>> :) >>>>>>>>>>> Regards. >>>>>>>>>>> Faisal Imtiaz >>>>>>>>>>> Snappy Internet & Telecom >>>>>>>>>>> 7266 SW 48 Street >>>>>>>>>>> Miami, FL 33155 >>>>>>>>>>> Tel: 305 663 5518 x 232 >>>>>>>>>>> Help-desk: (305)663-5518 Option 2 or Email: >>>>>>>>>>> supp...@snappytelecom.net >>>>>>>>>>>> From: "George Skorup" < geo...@cbcast.com > >>>>>>>>>>>> To: af@afmug.com >>>>>>>>>>>> Sent: Friday, May 13, 2016 7:15:26 PM >>>>>>>>>>>> Subject: Re: [AFMUG] Upstream BGP Questionairre >>>>>>>>>>>> I recommend adding your route or AS objects in ARIN's IRR. Merit >>>>>>>>>>>> RADb is not >>>>>>>>>>>> free. Most carriers use RADb, and RADb mirrors ARIN's IRR anyway. >>>>>>>>>>>> On 5/13/2016 3:49 PM, Faisal Imtiaz wrote: >>>>>>>>>>>>> See answers in-line below:- >>>>>>>>>>>>> Faisal Imtiaz >>>>>>>>>>>>> Snappy Internet & Telecom >>>>>>>>>>>>> 7266 SW 48 Street >>>>>>>>>>>>> Miami, FL 33155 >>>>>>>>>>>>> Tel: 305 663 5518 x 232 >>>>>>>>>>>>> Help-desk: (305)663-5518 Option 2 or Email: >>>>>>>>>>>>> supp...@snappytelecom.net >>>>>>>>>>>>>> From: "That One Guy /sarcasm" <thatoneguyst...@gmail.com> >>>>>>>>>>>>>> To: af@afmug.com >>>>>>>>>>>>>> Sent: Friday, May 13, 2016 11:35:10 AM >>>>>>>>>>>>>> Subject: [AFMUG] Upstream BGP Questionairre >>>>>>>>>>>>>> Im going to expose the breadth of my incompetence here, but >>>>>>>>>>>>>> there are some >>>>>>>>>>>>>> questions in this document I want to make sure im answering >>>>>>>>>>>>>> accurately >>>>>>>>>>>>>> 1. Are you the owner of the AS Number with RIR- This im assuming >>>>>>>>>>>>>> is our ARIN >>>>>>>>>>>>>> direct allocation? >>>>>>>>>>>>> They are asking if you have a AS # assigned to you from ... >>>>>>>>>>>>> (would be ARIN for >>>>>>>>>>>>> North America). >>>>>>>>>>>>>> 2. Are you registered with an Internet Routing Registry? - Im >>>>>>>>>>>>>> not sure what this >>>>>>>>>>>>>> is, is this also ARIN or do I need to register something >>>>>>>>>>>>>> elsewhere? >>>>>>>>>>>>> Routing Registry.... it is a way to build authorized prefixes >>>>>>>>>>>>> from a DataBase... >>>>>>>>>>>>> You can read up about it from here >>>>>>>>>>>>> https://www.arin.net/resources/routing/ >>>>>>>>>>>>> Justin Wilson did a blog about it too... >>>>>>>>>>>>> http://www.mtin.net/blog/?p=245 >>>>>>>>>>>>> and yes ARIN also provides a Routing Registry Service ... (along >>>>>>>>>>>>> with a few >>>>>>>>>>>>> others) >>>>>>>>>>>>>> 3. Which type of routes do you want to receive? - Full routes is >>>>>>>>>>>>>> what we want, >>>>>>>>>>>>>> but are there caveats in this answer I need to be prepared for? >>>>>>>>>>>>> No Caveats, as long as your equipment is able to take full >>>>>>>>>>>>> routes, then do so. >>>>>>>>>>>>>> 4. Do you have downstream ASNs? - I assume this would be >>>>>>>>>>>>>> customers with their >>>>>>>>>>>>>> own allocations? We currently do not, but do not want to close >>>>>>>>>>>>>> the door on that >>>>>>>>>>>>>> in the future. Is this something easily updated in the future? >>>>>>>>>>>>> Answer this question in the Present.. (you don't have any so say >>>>>>>>>>>>> no)... no >>>>>>>>>>>>> future door is closed due to this... this is just info asked / >>>>>>>>>>>>> collected for >>>>>>>>>>>>> the upstream to be able to build their ACL filters.... (This is >>>>>>>>>>>>> also a flag for >>>>>>>>>>>>> them to collect your BGP LOA's as well as your Customers to you..) >>>>>>>>>>>>> This becomes a mute topic, if you are versed in using the Routing >>>>>>>>>>>>> Registry and >>>>>>>>>>>>> maintaining your own Route Objects etc. >>>>>>>>>>>>>> 5. List all prefixes to be announced so that we can confirm the >>>>>>>>>>>>>> BGP ACL prior to >>>>>>>>>>>>>> activation: We only have a /22, but we do want the option down >>>>>>>>>>>>>> the road to pull >>>>>>>>>>>>>> /24 from one provider if need be. Would we list the /24s >>>>>>>>>>>>>> independently or the >>>>>>>>>>>>>> /22 as the aggregate? >>>>>>>>>>>>> You want to ask them for the following:- >>>>>>>>>>>>> xx.xx.xx.xx/22 please use the 'le 24' option with the filter. >>>>>>>>>>>>> Note: this will have them build a filter that can accept larger >>>>>>>>>>>>> prefixes between >>>>>>>>>>>>> 24 - 22, so it is not a 'specific' filter... >>>>>>>>>>>>>> 6. MD5 Password: On this is it standard practice to use the same >>>>>>>>>>>>>> password with >>>>>>>>>>>>>> all providers or different ones? >>>>>>>>>>>>> Your choice... either way.... no big deal, as long as you keep >>>>>>>>>>>>> track of them. >>>>>>>>>>>>>> -- >>>>>>>>>>>>>> If you only see yourself as part of the team but you don't see >>>>>>>>>>>>>> your team as part >>>>>>>>>>>>>> of yourself you have already failed as part of the team. >>>>>>> -- >>>>>>> If you only see yourself as part of the team but you don't see your >>>>>>> team as part >>>>>>> of yourself you have already failed as part of the team. >>>>> --
