Several times over the past few years, the NANOG list has discussed the
topic of if or how non-transit peer BGP announcements should be filtered.
I searched through the archives, but couldn't find where anyone had
published a summary of best practices for filtering announcements from
peers that aren't one of the "top N" (for some debatable value of N)
NSPs.
What I am looking for is a set of filters that implement a sanity check
to catch some of the recurring BGP config problems. For example,
if SmallTime Internet suddenly starts announcing that they provide transit for
UUNET, I don't want there to be any chance that I will start sending my
UUNET-bound traffic to SmallTime.
Some of the "rules" I can think of would be:
- peers should not be announcing transit routes from the top N transit
providers (implemented via AS filter-list blocking the top transit ASNs)
- peers should not be announcing RFC1918 networks (implemented by prefix-list)
- peers should not be announcing the same networks that "I" originate
- peers should not be announcing a default route
- peers should not announce more than n-thousand routes (implemented
using the Cisco 'maximum-prefix' option)
These rules would theoretically be applied to any peers who weren't part of the "top N." In practice, I'm thinking of peers that announce 1 to a few thousand
prefixes.
Is the idea even feasible? If so, what other rules make sense? One other
option would be to limit announcements to /24 and shorter. Is there any
agreement on the "top N" ASNs that "normal" peers shouldn't be announcing?
Thanks.
-dpm
P.S. My interest is not just academic. These filters will get installed
on one of my customers' networks. They have had a fair number of problems
with peers announcing routes that they shouldn't and I am looking for ways
to help reduce the problem.