On 30/Jun/15 15:22, Matsuzaki Yoshinobu wrote:
> I also suggested them to implement BGP community based route filtering
> in their outbound policy. Any other suggestions or thoughts to
> prevent such incidents in general?
- Get your downstreams to create route objects before you turn them up.
- Get your provisioning teams to validate the prefixes being
provided by your downstreams.
- Use both prefix- and AS_PATH-based filters for your downstreams.
- Use BGP communities (as you've stated).
- No exceptions.
Mark.
