[6bone] private ASNs and the Default-Free-Zone
Gert Doering
gert@space.net
Fri, 25 Oct 2002 14:45:58 +0200
Hi,
On Fri, Oct 25, 2002 at 06:15:51AM -0400, John Fraizer wrote:
> This is not a problem:
>
> ipv6-site: COMPENDIUM-AR
> origin: AS45328
> descr: Compendium, Buenos Aires, AR
> country: AR
> prefix: 3FFE:8260::/28
I disagree. It's not a major problem, like the one below, but I think
this object should not be there either.
> *THIS* is a problem:
>
>
> Border2-BGP> sh ipv6 bgp 3ffe:8260:2010:1:2a0:c9ff:fe01:9600
> BGP routing table entry for 3ffe:8260::/28
> Paths: (11 available, best #8, table Default-IP-Routing-Table)
>
> 1930 2200 5511 1752 1849 1890 45328
Strongly seconded.
[..]
> Come on, if Nicolas can get an ASN, so can COMPENDIUM.
And if you don't have an AS#, use a private AS, don't just grab any number
that seems to be available.
> Beyond that, if you peer with someone who uses a private ASN, use the
> following command (or equiv for your router) on the peering session:
>
> neighbor 3ffe:xxxx::xxxx remove-private-AS
And make sure that you never ever do transit through a private AS# - it
will really break everything related to BGP paths, like "find a short
path", or "troubleshoot weird problems".
Even better, never give transit to a private AS# either.
Give that enterprise connectivity, yes, but do it static, and don't
mess with BGP origin AS manipulations.
Gert Doering
-- NetMaster
--
Total number of prefixes smaller than registry allocations: 48540 (48282)
SpaceNet AG Mail: netmaster@Space.Net
Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0
80807 Muenchen Fax : +49-89-32356-299