I'm glad it's hairs and not atoms. On Mon, May 16, 2016 at 7:33 PM, Faisal Imtiaz <fai...@snappytelecom.net> wrote:
> Yeah, that was about the only thing I could come up with as being the most > practical reason.... (e.g. when doing bgp on a CCR etc). > but even then the logic validity of this as a solution to the problem is > questionable, however giving the appearance of a possible solution... I > will buy that .. > > But then again, I may be just splitting hairs... > > :) > > > Faisal Imtiaz > Snappy Internet & Telecom > 7266 SW 48 Street > Miami, FL 33155 > Tel: 305 663 5518 x 232 > > Help-desk: (305)663-5518 Option 2 or Email: supp...@snappytelecom.net > > ------------------------------ > > *From: *"Erich Kaiser" <er...@northcentraltower.com> > *To: *af@afmug.com > *Sent: *Monday, May 16, 2016 8:03:32 PM > *Subject: *Re: [AFMUG] Upstream BGP Questionairre > > Some people want default route and full routes because of route > propagation/population, this way if your session resets you at least can > get online right away. > > > Erich Kaiser > North Central Tower > er...@northcentraltower.com > Office: 630-621-4804 > Cell: 630-777-9291 > > > On Mon, May 16, 2016 at 11:03 AM, Faisal Imtiaz <fai...@snappytelecom.net> > wrote: > >> What I meant to ask is ..... >> >> Why get the default route via BGP from your Upstream... Why not set is >> statically (ip sla track, or monitor gateway etc). >> >> IF your bgp sessions goes down, then your prefixes are withdrawn anyway.. >> so I am not sure what that will cover you for.. >> >> In regards to OSPF redistributing default routes, I believe managing a >> statically done default route is easier and safer to inject and manage, vs >> one coming from your upstream. >> >> Faisal Imtiaz >> Snappy Internet & Telecom >> 7266 SW 48 Street >> Miami, FL 33155 >> Tel: 305 663 5518 x 232 >> >> Help-desk: (305)663-5518 Option 2 or Email: supp...@snappytelecom.net >> >> ------------------------------ >> >> *From: *"Cassidy B. Larson" <c...@infowest.com> >> *To: *af@afmug.com >> *Sent: *Monday, May 16, 2016 11:18:16 AM >> *Subject: *Re: [AFMUG] Upstream BGP Questionairre >> >> We do a cisco ip sla track to make sure BGP is up on the upstream facing >> interface for the static default to be valid. >> >> On May 16, 2016, at 9:04 AM, Faisal Imtiaz <fai...@snappytelecom.net> >> wrote: >> Interesting.... Carl, doing a manual static default route does not do the >> trick for you ? >> >> Regards. >> >> Faisal Imtiaz >> Snappy Internet & Telecom >> 7266 SW 48 Street >> Miami, FL 33155 >> Tel: 305 663 5518 x 232 >> >> Help-desk: (305)663-5518 Option 2 or Email: supp...@snappytelecom.net >> <supp...@snappytelecom.net> >> >> ------------------------------ >> >> *From: *"Carl Peterson" <cpeter...@portnetworks.com> >> *To: *af@afmug.com >> *Sent: *Monday, May 16, 2016 10:42:35 AM >> *Subject: *Re: [AFMUG] Upstream BGP Questionairre >> >> For #3, I generally ask for full route + a default. The default is for >> default information originate for OSPF. If there isn't a default in the >> routing table, my edge router won't advertise a default to non-bgb ospf >> peers. You don't want a static default in case the peer goes down. >> >> >> On Mon, May 16, 2016 at 7:20 AM, Josh Baird <joshba...@gmail.com> wrote: >> >>> Many providers refer to this as 'RTBH' (remotely triggered blackhole >>> filtering). >>> Josh >>> >>> On Sun, May 15, 2016 at 10:21 PM, That One Guy /sarcasm < >>> thatoneguyst...@gmail.com> wrote: >>> >>>> that request, lacking my fundamental understanding of the terminology, >>>> would be phrased how? >>>> >>>> On Sat, May 14, 2016 at 5:56 PM, Josh Baird <joshba...@gmail.com> >>>> wrote: >>>> >>>>> Yes, it requires your upstream to support a blackhole BGP community. >>>>> This allows you to advertise host routes (/32 or smaller) to them using a >>>>> specific BGP community when you want your ISP to drop all traffic for the >>>>> prefix before it reaches you. This is -very- useful for DDoS defense. >>>>> Josh >>>>> >>>>> On Sat, May 14, 2016 at 4:16 PM, That One Guy /sarcasm < >>>>> thatoneguyst...@gmail.com> wrote: >>>>> >>>>>> That requires something specific? >>>>>> On May 14, 2016 7:33 AM, "Erich Kaiser" <er...@northcentraltower.com> >>>>>> wrote: >>>>>> >>>>>>> We have started requiring our upstreams to filter by ASN vs >>>>>>> Netblock. We are moving away from upstreams that do not utilize IRR >>>>>>> Entries and require intervention every time we want to make a change, >>>>>>> but >>>>>>> it is continuous for us, so for most guys the one time setup is not a >>>>>>> big >>>>>>> deal, plus the upstream has to be trusting enough that we will have the >>>>>>> correct filtering on our end. >>>>>>> >>>>>>> Steve, I would add Blackhole BGP community or session to your list. >>>>>>> >>>>>>> Erich Kaiser >>>>>>> The Fusion Network >>>>>>> er...@gotfusion.net >>>>>>> Office: 630-621-4804 >>>>>>> Cell: 630-777-9291 >>>>>>> On Sat, May 14, 2016 at 6:34 AM, Paul Stewart <p...@paulstewart.org> >>>>>>> wrote: >>>>>>> >>>>>>>> Or, quite a number of carriers (especially in APAC, some carriers >>>>>>>> in Canada, a few in the US, and definitely a large number in Europe) >>>>>>>> will >>>>>>>> say “do you have an IRR entry at RADB?” and if you say yes then they >>>>>>>> will >>>>>>>> use the route object information but if you say no then they will tell >>>>>>>> you >>>>>>>> to open a ticket with their NOC each time you have a prefix to >>>>>>>> add/remove >>>>>>>> …. >>>>>>>> >>>>>>>> >>>>>>>> I’m actually surprised by the number of transit providers that >>>>>>>> don’t’ support automation via IRR >>>>>>>> >>>>>>>> >>>>>>>> Paul >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *Faisal >>>>>>>> Imtiaz >>>>>>>> *Sent:* May 13, 2016 9:25 PM >>>>>>>> *To:* af@afmug.com >>>>>>>> *Subject:* Re: [AFMUG] Upstream BGP Questionairre >>>>>>>> >>>>>>>> >>>>>>>> Let me clarify this a bit more... >>>>>>>> >>>>>>>> >>>>>>>> You are recommending that one creates it's own AS Object in the >>>>>>>> IRR..(aka learns and manages their own RR entries) (it really does not >>>>>>>> matter which IRR it is, at the end of the day they are all sort of >>>>>>>> synced, >>>>>>>> it is only a question of who is maintaining it, and who can provide >>>>>>>> help to >>>>>>>> newbies). .. BTW, I agree with this.. however .... >>>>>>>> >>>>>>>> >>>>>>>> Cause at the end of the day, someone in the up-stream is very >>>>>>>> likely to create the record for you, if it is needed by them... >>>>>>>> >>>>>>>> This is one of those things that most carriers find... "too much >>>>>>>> trouble to teach vs just do it for that network !" >>>>>>>> >>>>>>>> >>>>>>>> :) >>>>>>>> >>>>>>>> >>>>>>>> Regards. >>>>>>>> >>>>>>>> >>>>>>>> Faisal Imtiaz >>>>>>>> Snappy Internet & Telecom >>>>>>>> 7266 SW 48 Street >>>>>>>> Miami, FL 33155 >>>>>>>> Tel: 305 663 5518 x 232 >>>>>>>> >>>>>>>> Help-desk: (305)663-5518 Option 2 or Email: >>>>>>>> supp...@snappytelecom.net >>>>>>>> >>>>>>>> ------------------------------ >>>>>>>> >>>>>>>> *From: *"George Skorup" <geo...@cbcast.com> >>>>>>>> *To: *af@afmug.com >>>>>>>> *Sent: *Friday, May 13, 2016 7:15:26 PM >>>>>>>> *Subject: *Re: [AFMUG] Upstream BGP Questionairre >>>>>>>> >>>>>>>> I recommend adding your route or AS objects in ARIN's IRR. Merit >>>>>>>> RADb is not free. Most carriers use RADb, and RADb mirrors ARIN's IRR >>>>>>>> anyway. >>>>>>>> >>>>>>>> On 5/13/2016 3:49 PM, Faisal Imtiaz wrote: >>>>>>>> >>>>>>>> See answers in-line below:- >>>>>>>> >>>>>>>> >>>>>>>> Faisal Imtiaz >>>>>>>> Snappy Internet & Telecom >>>>>>>> 7266 SW 48 Street >>>>>>>> Miami, FL 33155 >>>>>>>> Tel: 305 663 5518 x 232 >>>>>>>> >>>>>>>> Help-desk: (305)663-5518 Option 2 or Email: >>>>>>>> supp...@snappytelecom.net >>>>>>>> >>>>>>>> ------------------------------ >>>>>>>> >>>>>>>> *From: *"That One Guy /sarcasm" <thatoneguyst...@gmail.com> >>>>>>>> <thatoneguyst...@gmail.com> >>>>>>>> *To: *af@afmug.com >>>>>>>> *Sent: *Friday, May 13, 2016 11:35:10 AM >>>>>>>> *Subject: *[AFMUG] Upstream BGP Questionairre >>>>>>>> >>>>>>>> Im going to expose the breadth of my incompetence here, but there >>>>>>>> are some questions in this document I want to make sure im answering >>>>>>>> accurately >>>>>>>> >>>>>>>> 1. Are you the owner of the AS Number with RIR- This im assuming is >>>>>>>> our ARIN direct allocation? >>>>>>>> >>>>>>>> They are asking if you have a AS # assigned to you from ... (would >>>>>>>> be ARIN for North America). >>>>>>>> >>>>>>>> 2. Are you registered with an Internet Routing Registry? - Im not >>>>>>>> sure what this is, is this also ARIN or do I need to register something >>>>>>>> elsewhere? >>>>>>>> >>>>>>>> Routing Registry.... it is a way to build authorized prefixes from >>>>>>>> a DataBase... >>>>>>>> >>>>>>>> You can read up about it from here >>>>>>>> https://www.arin.net/resources/routing/ >>>>>>>> >>>>>>>> >>>>>>>> Justin Wilson did a blog about it too... >>>>>>>> http://www.mtin.net/blog/?p=245 >>>>>>>> >>>>>>>> >>>>>>>> and yes ARIN also provides a Routing Registry Service ... (along >>>>>>>> with a few others) >>>>>>>> >>>>>>>> >>>>>>>> 3. Which type of routes do you want to receive? - Full routes is >>>>>>>> what we want, but are there caveats in this answer I need to be >>>>>>>> prepared >>>>>>>> for? >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> No Caveats, as long as your equipment is able to take full routes, >>>>>>>> then do so. >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> 4. Do you have downstream ASNs? - I assume this would be customers >>>>>>>> with their own allocations? We currently do not, but do not want to >>>>>>>> close >>>>>>>> the door on that in the future. Is this something easily updated in the >>>>>>>> future? >>>>>>>> >>>>>>>> Answer this question in the Present.. (you don't have any so say >>>>>>>> no)... no future door is closed due to this... this is just info asked >>>>>>>> / >>>>>>>> collected for the upstream to be able to build their ACL filters.... >>>>>>>> (This >>>>>>>> is also a flag for them to collect your BGP LOA's as well as your >>>>>>>> Customers >>>>>>>> to you..) >>>>>>>> >>>>>>>> >>>>>>>> This becomes a mute topic, if you are versed in using the Routing >>>>>>>> Registry and maintaining your own Route Objects etc. >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> 5. List all prefixes to be announced so that we can confirm the BGP >>>>>>>> ACL prior to activation: We only have a /22, but we do want the option >>>>>>>> down >>>>>>>> the road to pull /24 from one provider if need be. Would we list the >>>>>>>> /24s >>>>>>>> independently or the /22 as the aggregate? >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> You want to ask them for the following:- >>>>>>>> >>>>>>>> >>>>>>>> xx.xx.xx.xx/22 please use the 'le 24' option with the filter. >>>>>>>> >>>>>>>> >>>>>>>> Note: this will have them build a filter that can accept larger >>>>>>>> prefixes between 24 - 22, so it is not a 'specific' filter... >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> 6. MD5 Password: On this is it standard practice to use the same >>>>>>>> password with all providers or different ones? >>>>>>>> >>>>>>>> >>>>>>>> Your choice... either way.... no big deal, as long as you keep >>>>>>>> track of them. >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> >>>>>>>> If you only see yourself as part of the team but you don't see your >>>>>>>> team as part of yourself you have already failed as part of the team. >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>> >>>> >>>> >>>> -- >>>> If you only see yourself as part of the team but you don't see your >>>> team as part of yourself you have already failed as part of the team. >>>> >>> >>> >> >> >> -- >> >> >> >> >> >> >