[afnog] bgp communities - please

Frank Habicht geier at geier.ne.tz
Wed Oct 13 04:41:43 UTC 2010


very good one, Mark.

On 10/11/2010 8:43 PM, Mark Tinka wrote:
> Sadly, this is an artifact of classic IOS, where the BGP 
> community capability needs to be specifically turned on.

Hi Philip!
;-)

> I believe a number of folk have requested Cisco to revise 
> this so BGP communities are enabled by default, but hey, 
> planes don't have bad landings - it's just the asphalt 
> making contact with them :-).

:-)
+1


to explain more:
peers at IXP get prefixes with NO_EXPORT.
and some prefixes, of former or inactive customers are getting out to
upstream.
Causing pain to _my_ customers who's prefix I announce at IXP and it
gets leaked out (and blackholed)  :-(      [1]

through 3 different peers leaking already (not continuously).
getting close to a) naming them in public and b) asking their upstreams
on Nanog to filter them more.

at $dayjob I recently started to use communities here and told ISP
customers:
put this (37084:999) and we won't announce to upstream. First most
useful community. Still advertised to peers and customers.

everyone: you can do that too!

Frank

[1] and yes..... if it wasn't multilateral peering .......




More information about the afnog mailing list