While this might be possible this scheme would cause some administrative
problems. Currently the backbone ENSS's and CNSS's carry full external
routes in their tables, with each ENSS having an IBGP session with all
other nodes. I think a better long term solution would be to
try to move away from using default and on to full routing information
exchange at AS borders (using aggregation of course). An example
of the kind of problem we would run into using the ENSS-filtering
approach is that all peers of that ENSS would have to use the
same policy.
Why not split the ENSS's out of the IBGP "cloud" and use external-BGP between
the ENSS's and CNSS's? This would likely require that an addition AS number
and non-140.222 network be assigned to each ENSS, but it seems to fit more
logically into the CNSS/ENSS architecture. It would also greatly reduce the
number of IBGP sessions inside the T3 backbone. Comments?
--Vince