T3 or not to T3

It's pretty easy to enforce "no transit" at the packet filtering level
-- only packets destined for my nets will be allowed in. Is there some
other aspect of filtering I'm forgetting about? We have a dedicated
and backup network engineer at any rate. The border router would be a
cisco 7200 or 7500 series with 128Mb.


Hmm... If you do provide transit for others, making a dynamic filter
can be difficult if you base transit on as-path filters rather than
route filters.

I hear that Sprint, one of the few large providers (that imposes filters
on customer BGP sessions) that still bases customer peering filters on
as-path filters rather than on a per-session route filter list either
manually constructed or built automagically from databases, is considering
going or is going to go to route filtering its customer sessions rather
than as-path filtering. Now, I'm talking here about the BGP sessions,
not the actual flow of data. And it's been a long weekend, sorry if that
sentence was hard to parse.


This makes sense is this the "Right Way" to do things, IMO. However, this
requires a significant degree of router configuration automation, and some
sort a reliable database to do in a large scale.

But then again, I'm sure Sprint has the resources to handle this type of a