Hi,

so to answer my own posting and statement b): I have pushed

https://github.com/ipcjk/asnbuilder

to git, which is basically building Brocade MLX-compatible regular expressions out of the official as numbers and therefore can be used to clean up your router from NIC-regions that you might want reach via a default route.

E.g.
./main -region "AFRINIC"  | head -n 10
ip as-path access-list region-summary permit _3276[8-9][0-9]|_327[7-9][0-9][0-9]|_328[0-6][0-9][0-9]|_32870[0-3]$
ip as-path access-list region-summary permit _122[8-9]|_123[0-2]$
ip as-path access-list region-summary permit _2018$
ip as-path access-list region-summary permit _2561$
ip as-path access-list region-summary permit _2905$
ip as-path access-list region-summary permit _306[7-8]$
ip as-path access-list region-summary permit _3208$

./main  -help
Usage of ./main:
  -acltitle string
        Title for generated as-path list (default "region-summary")
  -permitOrDeny int
        Deny = 0, Permit = 1 (default 1)
  -region string
        Comma separated list with region for generated prefix
  -summary
        Print summary of downloaded lists only

./main  -summary
2016/09/15 12:53:02 APNIC [119 table entries]
2016/09/15 12:53:02 RIPE NCC [248 table entries]
2016/09/15 12:53:02 LACNIC [683 table entries]
2016/09/15 12:53:02 AFRINIC [201 table entries]
2016/09/15 12:53:02 ARIN [1046 table entries]

Next I need a tool to clean up redundant more specific prefixes.

Jörg


On 13 Sep 2016, at 8:38, Jörg Kost wrote:

Hi!

Installing the default route is a valid option, if you do no need the as path information in the BGP table, in SFLOW packets and attached tools. In my eyes that is a big trade-off.

So I think for me one of these options will come first:

a) Hence of ROHS 2016 there is an end of sale for several X-boards in Europe and the smallest version that you can buy is now a 10-port licensed GX20-X2. Depending on the growth or the replacement attitude, the X2 will come sooner or later and can replace one or two X-cards at once. If you sell BGP full feeds to customers, you will need the X2 sooner or later.

b) I will block certain ranges and as-numbers by regions and will also install a default route and extend our tools to resolve the as-path later. Not pretty but it can bridge the time and extend life of current boards.

Conclusion: If there is memory to fill, people will (ab)use it. The whole disaggregation of IPv6, this is just the beginning.

Jörg

_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp

Reply via email to