[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Peering + Transit Circuits

Subject: Peering + Transit Circuits
From: andy at nosignal.org (Andy Davidson)
Date: Wed, 19 Aug 2015 17:54:48 +0000
In-reply-to: <[email protected]>
References: <CAE_ug143GsMN3+CNz=AgTr+xjGWY2CrmXYW=jf36JQ3AAnukFw@mail.gmail.com> <[email protected]>

Hi, Max --

On 19/08/2015 17:36, Max Tulyev <maxtul at netassist.ua> wrote:

>My solution is:
>
>1. Don't care.
>2. If some peer steal your transit, and it is noticeable amount of
>traffic causing some problems for you - investigate and terminate that peer.

Unless this bandwidth fraud is taking place over a public peering LAN (IX).  You could find that a non-peer is ?stealing bandwidth?.  In which case, tell the IX operator (they *do* care, and *do* want to stop abusive or fraudulent behaviour).  

You can, if paranoid, apply some l2/3 filters to only hear from expected peers at the IX (which prevents non-peers from pointing statics at you, but not peers though.)  How paranoid shall we take it ?  You can also - with a small enough customer footprint - perhaps put each peer into their own VRF and apply policies which prohibit forwarding except to customer prefixes.  

-a

References:
- Peering + Transit Circuits
  - From: tdurack at gmail.com (Tim Durack)
- Peering + Transit Circuits
  - From: maxtul at netassist.ua (Max Tulyev)

Prev by Date: Peering + Transit Circuits
Next by Date: Suddenlink: Texas panhandle
Previous by thread: Peering + Transit Circuits
Next by thread: [c-nsp] Peering + Transit Circuits
Index(es):
- Date
- Thread