Hi Stephen,
> I used to be a quality control engineer in my career, so I have a
> question to ask from the perspective of a QC guy: what is the Best
> Practice for minimizing, if not totally preventing, this sort of
> problem? Is there a "cookbook" answer to this?
>
As suggested by Job in the thread above,
- deploy RPKI based BGP Origin validation (with invalid == reject)
- apply maximum prefix limits on all EBGP sessions
- ask your router vendor to comply with RFC 8212 ('default deny')
- turn off your 'BGP optimizers' --> You actually don't need that at
all. I survived without any optimizer.
Aslo, read RFC7454 and join MANRS :)
Regards,
Aftab Siddiqui
