I can't find the original message, so replying to the wrong spot in the thread, 
but... no, filtering /24s is a bad idea if you want (more or less) all your 
packets to get to their destinations.

If you filter all /24s you will lose reachability to 4x /24s I publish that 
have no covering route because they are not contiguous and not part of any 
larger logical aggregate.  Then there's the 10-20 legacy /24s I *don't* 
currently publish - if I start advertising them, you won't be able to reach 
them, either, because they're in the same boat: discontiguous singletons.  
There are a LOT of legacy discontiguous IPv4 singletons assigned out of the old 
Class-C space to small/medium businesses, schools, etc. in the pre-ARIN days, 
and I would guess that the vast majority of them do not have a correct covering 
/23 or larger - certainly none of the ones I'm currently working with/aware of 
do.

I believe there's at least a couple of DNS servers running in my /24s, so you 
could potentially lose access to much more than those /24s.

Your packet will *probably* hit a next-hop carrier who happens to have the 
more-specific /24, and it will *probably* eventually reach me, but I thought 
everyone more-or-less agreed that internet routing was already nondeterministic 
enough as it is?

IMHO, if you don't want all the /24s in your FIB (or even RIB!), just pick a 
carrier, set a default route, and stop worrying about all the headaches BGP 
provides.

Alternately, a valid technique is to have a default route AND a partial BGP 
feed (a filtered full feed is by definition a partial feed).  That helps 
optimize outbound routing a little bit, you still get the advantage - mostly - 
of multiple inbound carriers; but you still have to pick one carrier to do the 
heavy lifting for you.  And you are paying them to route for you, so that's not 
an unfair shifting of the routing burden, unlike relying on covering routes.  
Note that this approach does NOT provide any redundancy, unlike having full BGP 
feeds.

Separately, I don't know if Geoff has produced such a survey/article, but if 
not he can probably type it from memory by now :-).

Adam Thompson
Consultant, Infrastructure Services
MERLIN
100 - 135 Innovation Drive
Winnipeg, MB R3T 6A8
(204) 977-6824 or 1-800-430-6404 (MB only)
https://www.merlin.mb.ca
Chat with me on Teams: athomp...@merlin.mb.ca

> -----Original Message-----
> From: NANOG <nanog-bounces+athompson=merlin.mb...@nanog.org> On Behalf Of
> Stephane Bortzmeyer
> Sent: October 10, 2022 10:21 AM
> To: Edvinas Kairys <edvinas.em...@gmail.com>
> Cc: NANOG Operators' Group <nanog@nanog.org>
> Subject: Re: any dangers of filtering every /24 on full internet table to
> preserve FIB space ?
> 
> On Mon, Oct 10, 2022 at 05:58:45PM +0300,
>  Edvinas Kairys <edvinas.em...@gmail.com> wrote
>  a message of 35 lines which said:
> 
> > But theoretically every filtered /24 could be routed via smaller
> > prefix /23 /22 /21 or etc.
> 
> I don't think this is true, even in theory, specially for legacy
> prefixes. There is probably somewhere a Geoff Huston survey on /24
> without a covering route.
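
The check discussed in this message, as an added example that is not part of the original thread: given a routing table, list which /24s would be left with no covering route once every /24 is filtered, and show how a default route changes the result. The prefixes are constructed sample data and the function names are hypothetical; IPv4 only.

```python
import ipaddress

# Constructed sample table (private and documentation ranges, not real announcements).
SAMPLE_TABLE = [
    "10.20.0.0/16", "10.20.5.0/24",   # /24 with a covering /16
    "10.30.0.0/22", "10.30.1.0/24",   # /24 with a covering /22
    "198.51.100.0/24",                # discontiguous singleton
    "203.0.113.0/24",                 # discontiguous singleton
]

def covering_after_filter(table, drop_len=24):
    """Map each prefix of length >= drop_len to the most specific route
    that still covers it after the filter is applied, or None if no
    covering route remains."""
    nets = {ipaddress.ip_network(p) for p in table}
    kept = {n for n in nets if n.prefixlen < drop_len}
    result = {}
    for net in sorted(nets - kept):
        cover = None
        # Walk from the longest surviving prefix length down to /0.
        for length in range(drop_len - 1, -1, -1):
            candidate = net.supernet(new_prefix=length)
            if candidate in kept:
                cover = str(candidate)
                break
        result[str(net)] = cover
    return result

def orphans(table, drop_len=24):
    """Filtered prefixes that become unreachable (no covering route)."""
    covers = covering_after_filter(table, drop_len)
    return [p for p, c in covers.items() if c is None]

if __name__ == "__main__":
    print("no default:  ", orphans(SAMPLE_TABLE))
    print("with default:", orphans(SAMPLE_TABLE + ["0.0.0.0/0"]))
```

Run against a real table dump, the first list is the set of destinations that depend entirely on an upstream carrying the more-specific.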
