I think you misunderstood me. You definitely need prefix filters on the *provider* side, but the CPE doesn't necessarily need them as the impact is hopefully limited to that particular customer. They're always better of course.
GG On 8/20/09, Daniel Roesen <[email protected]> wrote: > On Thu, Aug 20, 2009 at 08:47:14AM -0500, Clue Store wrote: >> 99% of all of our customer CPE is not managed by the customer, so that >> leaves it up to me to decide what to run to them. > > And then you run into the customer who thinks it's better to use a CPE > of his own, breaks into the CPE to read your config and hooks up his own > device with his own config... and suddenly you have Problems[tm]. > > I've seen it happening, more than once. > >> The only issue with using >> ebgp is getting enough of my staff that actually understand bgp to the >> point where they can deploy it themselves without having to get me >> involved >> on every install. > > Am I alone in my view that BGP is _far_ more simple and straight-forward > than OSPF (except in salary negotiations of course *G*)? Especially if > you leave "plain simple area 0". Or if you have to protect from external > parties. With BGP prefix-filtering, things are easy and obvious. > >> We are moving to a new NOC so this network will get a fresh start (new >> 7513-sup720, few m10i's, and a dozen or so 7200vxr's). So my deployment >> strategy will be ebgp with multihmed customers. I just had to poke the >> fire >> so I had some ammo for upper management when they ask why I decide to go >> ebgp. > > :-) > > > Best regards, > Daniel > > -- > CLUE-RIPE -- Jabber: [email protected] -- d...@ircnet -- PGP: 0xA85C8AA0 > >
