Dear Job and NANOG, Just wondering, wouldn't any of you guys consider using full tables in this case, for the ability to detect and avoid prefix hijacks (using RPKI/ROV or other means)?
Of course, I'm focused on security, and I know this is often not a high priority for a real network manager who has many other considerations; just want to know. Thanks. -- Amir On Fri, Jan 24, 2020 at 12:27 PM Job Snijders <j...@instituut.net> wrote: > Dear Brian, > > On Fri, 24 Jan 2020 at 17:40, Brian <brian....@gmail.com> wrote: > >> Hello all. I am having a hard time trying to articulate why a Dual Home >> ISP should have full tables. My understanding has always been that full >> tables when dual homed allow much more control. Especially in helping to >> prevent Async routes. >> > > The advantage of receiving full routing tables from both providers is that > in cases where one of the two providers is not yet fully converged, your > routers will use the other provider for those missing destinations. This > may happen during maintenance or router boot-up in your upstream’s network. > > Another advantage of receiving full routes is that you can manipulate > LOCAL_PREF per destination, or compose routing policy based on per-route > attributes such as BGP communities your upstreams set. It can happen that a > provider is great for 99% of destinations, except a few - without full > tables such granular traffic-engineering can be cumbersome. > > Virtually all internet routing is asymmetric, I wouldn’t consider that an > issue. > > Am I crazy? >> > > I dropped out of university, never completed my psychology studies, I fear > I am unqualified to answer this question. ;-) > > Kind regards, > > Job >
