[PDB Tech] route-server information add-on

Job Snijders job at instituut.net
Mon Dec 12 05:25:11 PST 2016


On Mon, Dec 12, 2016 at 01:58:51PM +0100, Arnold Nipper wrote:
> What does it help when everyone is able to set the flag and you can't
> trust that this really is a route server net?

It helps on the configuration generation side:

    If "route server" == true:
        no bgp enforce-first-as
        no bgp next-hop peer-address
        no as_path_filter "^$peer_asn_"
    else:
        bgp enforce-first-as
        bgp next-hop peer-address
        as_path_filter XYZ

The above pseudo code is assuming people generate config straight from
PDB, in addition to the above, a PDB user can programmatically enforce
their:

    "we peer with every route server"-policy
    or "we dont peer with any route servers"-policy
    or "we only peer with route servers operated by the IXP themselves"-policy

So one could argue there is a wide varierty of decisions that can be
assisted if your peers self-report whether they are perform a Route
Server function or not.

All data retrieved from PDB must be validated against an operators own
policy and procedures. I always consider PDB data to be a raw resources,
this does not have to do with (lack of) trust, but rather with making
assisted choices.

Hope this clarifies the use case.

Kind regards,

Job


More information about the Pdb-tech mailing list