Karl, you obviously do not understand what global networking
and policy routing mean.

Nonsense. You obviously do not understand what providing robust

Right today we nearly killed all Internet by _not_ doing
paranoid filtering on ANS route announcements (well we
couldn't do it because of certain contractual obligations).
ANS had trouble with generating configuration for ENSS 147,
so they simply dropped all routes at our MAE-East+ box
without filtering they usually do, which would be fine if we
didn't do some upgrades at ICM, which involved changing
preferences in ICM-SL routing, to the effect that SL started
preferring AS 690 as path to many European networks. It resulted
in SprintLink -> Europe traffic being moved from SL->ICM FDDI
connection to SL->ENSS(147)->ANS core->Dante path; which at
the daytime grew and turned out to be enough to overload ENSSes
along the path.

Sorry, no. You broke this by doing your own "upgrades" as well. Fact is,
if someone starts flapping badly at you, and they announce many paths
(i.e., a significant CPU load is presented by this) you're screwed no matter
HOW MUCH you filter. The equipment available today is designed foolishly --
route update processing and actual packet processing should NEVER be done by
the same CPU -- but it is -- and as such you're dead when this happens.
That cannot be avoided by being a fascist. However, what you can do is make
sure that backup paths don't work at all when things break, and in some
cases you can make sure that you can't reach certain prefixes at all, when
there is a perfectly valid path being announced to you. In some of these
cases of "backhoe fade" and even software failure connectivity has been
impacted when it SHOULD NOT HAVE BEEN by this policy of yours.

Filtering only serves to violate the premise of BGP4 and routing in general -
that the metrics and route weights will guide a packet to the most expeditious
path. When you remove some of those choices, you second-guess the physical
realities of the time.

What you're doing here is *removing* choices. This is bad. Making certain
choices <less desirable> is good, and is how you should get packet loads
and traffic shares to go where you want. But removing some paths from
consideration entirely by pretending they don't exist when in fact they do
serves to violate the integrity of the net as a whole.

Sorry, Karl. Internet is lucky that people who run most big networks
know better than to wait for shit to happen. In the system as large
as Internet shit happens permanently. Somewhere, in the most

Yep. So? You wish to argue with the fact that people do silly, stupid,
inept and sometimes even malicious things? No argument.
Your solution is to lock everyone up BEFORE they do something bad? This
has to tie in with a political philosophy somewhere....
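
A toy model of the two policies argued over in this exchange, added here as an illustration and not part of the original messages: a hard filter on a neighbor's announcements versus keeping them at a lower preference. AS 690 (ANS) and the ICM/ANS neighbor names come from the thread; the prefix, the other AS numbers, the preference values and the two-step decision process are constructed assumptions, and the CPU load of route flapping is not modelled.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Route:
    prefix: str
    neighbor: str          # peer that sent the announcement
    as_path: tuple         # AS numbers, nearest first
    local_pref: int = 100

# Constructed sample table. AS 690 (ANS) is from the thread; 64500-64510 are
# documentation-range placeholders; 192.0.2.0/24 stands in for a European net.
PREFIX = "192.0.2.0/24"
TABLE = [
    Route(PREFIX, "ICM", (64500, 64501, 64510)),
    Route(PREFIX, "ANS", (690, 64510)),
]

def best_path(routes, prefix):
    """Simplified decision: highest local_pref, then shortest AS path."""
    candidates = [r for r in routes if r.prefix == prefix]
    if not candidates:
        return None
    return max(candidates, key=lambda r: (r.local_pref, -len(r.as_path)))

def apply_policy(routes, policy, neighbor="ANS"):
    if policy == "filter":      # hard filter: announcement never enters the table
        return [r for r in routes if r.neighbor != neighbor]
    if policy == "depref":      # soft policy: keep it, but make it less desirable
        return [replace(r, local_pref=50) if r.neighbor == neighbor else r
                for r in routes]
    return list(routes)         # "none": accept as announced

def selected_neighbor(policy, icm_up=True):
    """Neighbor chosen for PREFIX, or None if the prefix is unreachable."""
    routes = [r for r in TABLE if icm_up or r.neighbor != "ICM"]
    best = best_path(apply_policy(routes, policy), PREFIX)
    return best.neighbor if best else None

if __name__ == "__main__":
    for policy in ("none", "filter", "depref"):
        for icm_up in (True, False):
            print(f"{policy:7} ICM {'up' if icm_up else 'down':4} -> "
                  f"{selected_neighbor(policy, icm_up)}")
```

With no policy the traffic shifts to the ANS path; both policies keep it on ICM while ICM is up, but only the lower-preference policy still has a path when ICM is down.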