IXP LANs should not be announced via BGP (or your IGP either). See section 3.1: http://nabcop.org/index.php/BCOP-Exchange_Points_v2
On Thu, Dec 20, 2018 at 12:50 PM Dominic Schallert <d...@schallert.com> wrote: > Hi all, > > this might be a stupid question but today I was discussing with a > colleague if Peering-LAN prefixes should be re-distributed/announced to > direct customers/peers. My standpoint is that in any case, Peering-LAN > prefixes should be filtered and not announced to peers/customers because a > Peering-LAN represents some sort of DMZ and there is simply no need for > them to be reachable by third-parties not being physically connected to an > IXP themselves. Also from a security point of view, a lot of new issues > might occur in this situation. > > I’ve been seeing a few transit providers lately announcing (even > reachable) Peering-LAN prefixes (for example DE-CIX Peering LAN) to their > customers. I’m wondering if there is any document or RFC particularly > describing this matter? > > Thanks > Dominic > -- [stillwa...@gmail.com ~]$ cat .signature cat: .signature: No such file or directory [stillwa...@gmail.com ~]$
