On Tue, Feb 10, 2015 at 12:40:24PM +0100, Mikael Abrahamsson wrote: > On Mon, 9 Feb 2015, Bill Armstrong wrote: > > >To make sure I have consensus on the proposed additions: > > Considering what happened this weekend on AMSIX (someone had configured the > amsix IX lan prefix as /22 (it's /21) on their interface and was announcing > this /22 to the rest of the world), I would suggest the following addition: > > * Filter out all IX LAN prefixes (including smaller parts of it) the > network is connected to, so you don't accept them from anyone outside > your network (most importantly peers and transits).
I agree that IXP Peering LAN prefixes (orlonger) should not be accepted on any session, whether its customer, peer or transit. Accepting a more specific of an IXP you are connected to is a guaranteed path to issues. Kind regards, Job _______________________________________________ BCOP mailing list [email protected] http://mailman.nanog.org/mailman/listinfo/bcop
