GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: OT: Black holes and BGP posted 09/17/2004
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Why would the ISP continue to advertise YOUR prefix if you are unavailable ?

One gotcha I've seen is that some ASs do prefer routes through some peers no matter what prepending you do on that. But the longest match rule seems to hold even then, so you may fix it by doing holes, for the happyness of the whole internet routing table growing :-)

If the problem is forcing one or the other, conditional advertising is the way to go AFAIK. But I'm sure I'm missing something...

Anthony Pace wrote:
Does anyone know of a mechanism, or troubleshooting methodology for
diagnosing a partial Internet Outage of INGRESS traffic?

My network is multi-homed to 2 ISPs, which land on 2 separate routers
(which come in on 2 different ILEC's physical media). Each of these
routers peers with the respective ISP and each other. There is
flexibility to allow some address blocks to be advertised so that the
INGRESS traffic will arrive at one or the other ISP links (and PREPENDS
to the other ISP create an alternate route.)


This architecture is an automatic failover for loss of router, circuit,
or BGP session, but does nothing to protect against one of the providers
advertising one of our address blocks and "black holing" the traffic
(due to an outage or whatever). The world will not take the alternate,
longer AS-PATH route from the second provider so long as the "problem
provider" is announcing a more attractive route.

The solution requires a human intervention (once it is determined that
"some" people can't reach the address space.) I know there are services
that will monitor your Internet presence and notify you if parts of the
world are not able to reach you. I know there are public route servers,
which can be checked in the event a problem is suspected.

Does anyone know of a mechanism or a methodology that can be used in
such a scenario? I know there allot of smart people on this list and I
bet some of you have dealt with this exact scenario.


Sorry for the off topic post.

Anthony Pace CCIE 10349

-- Carlos G Mendioroz <tron@xxxxxxxxxxx> LW7 EQI Argentina