I've been trying hard to come up with a solution regarding this, but i haven't
decided yet which one is the best.
From the perspective of an ISP, how do you characterize the p2p addresses
given for a point-to-point connection to a)
customers with their own ASN b) customers without an ASN?
On Nov 6, 2012, at 6:32 PM, Tassos Chatzithomaoglou wrote:
Do you consider them infrastructure addresses or customer addresses?
They're infrastructure addresses.
Do you put them in your IGP or in BGP?
You should treat them as you do your other infrastructure addresses (i.e., if
you're
Having an iACL format like below, that means that i would have to add at least
one extra permit entry before the
spoofing entries.
deny MARTIANS/BOGONS
deny SPOOFING
deny PROTOCOLS/PORTS
permit BGP-PEERINGS
permit TUNNELS
deny INFRASTRUCTURE
permit ANY
If that's indeed the case, what
On Nov 6, 2012, at 7:31 PM, Tassos Chatzithomaoglou wrote:
Only specific types of icmp messages?
That, plus the routing session (if any) with your customer, plus anything else
that's situationally-specific (GRE tunnel termination, etc.).
Roland, how do you handle customer requests regarding the remote management of
their devices?
i.e. if the customer wants to do any kind of management (ssh, snmp) from
outside his router, he must use our
infrastructure address (which is configured on his router) as a destination.
Generally, the
We generally perform all the management needed for our customer's circuits. If
the customer is wanting to remotely manage their own router and etc then you
should adjust your iACL to grant the customer access only on the IP on their
router interface not the whole /30 or etc. Or if you've routed
Well if you’re null routing the /30 then you or them should have a /32 or
larger for NAT or no RFC space behind it.
-Original Message-
From: Tassos Chatzithomaoglou [mailto:ach...@forthnetgroup.gr]
Sent: Wednesday, 7 November 2012 2:45 a.m.
To: Dobbins, Roland
Cc: NANOG list
Subject:
On 11/6/2012 5:44 AM, Tassos Chatzithomaoglou wrote:
Roland, how do you handle customer requests regarding the remote management of
their devices?
i.e. if the customer wants to do any kind of management (ssh, snmp) from
outside his router, he must use our
infrastructure address (which is
8 matches
Mail list logo