CloudFlare IPv6 BGP announcements - WTF guys?
Bernhard Schmidt
berni at birkenwald.de
Mon Jul 16 22:27:37 CEST 2012
On 16.07.2012 21:15, Daniel Roesen wrote:
>> If your modus operandi is to pollute the routing tables, you deserve all the
>> unreachability you get.
> Wether you see /32 PA more-specifics from all the CDN nodes, or PI /48s
> doesn't make a difference at all, technically.
It does in a way. With multiple allocated prefixes (be it /32 or /48, I
don't care) you can be reasonably certain it has been "designed" this
way for your non-interconnected sites. With dozens
less-than-allocation-size prefixes there is no way to programatically
seperate you from the next hillbilly-ISP that never heard of communities
or proper aggregation and just announces their whole iBGP into the world.
Sure, you can put exceptions for Akamai and Cloudflare in your filters.
And then the next CDN-of-the-day, and then ...
I have absolutely nothing against proper and reasonable use of BGP, be
it more-specific or otherwise, but I don't want the next iBGP leak
hitting my routers. So I was filtering on /36 for PA space until now,
hoping for a consensus in the community. Since Akamai still does not
have that /32 in the air again I have to assume it is intentional and
the battle for strict filtering is essentially lost.
Bernhard
More information about the ipv6-ops
mailing list