We're going to look at the first example,
which is how we connect to one upstream
provider and one local peer. It's a very
common situation in many regions of the
internet: we connect to the upstream
provider to see the whole internet, and
we connect to the local competition so
that the local traffic will stay local.
This means we save valuable finances on
upstream transit costs for local traffic.
Let's look at the diagram. We've got
AS100 connecting to AS120, which is a
local peer, and connecting to AS130,
which is the upstream provider. So what
do we do here? We're going to announce
the /19 aggregate on each link. I think
you probably have got that message by
now: we're always announcing the
aggregate everywhere. We accept the
default route only from the upstream
provider. There's absolutely no need for
the full BGP table; it doesn't give us any
extra information that's useful for
traffic engineering. And we accept all
routes that the local peer originates.
This peer is literally an equivalent
network, so we're swapping the routes
that we introduce into the internet with
them, and this will ensure that local
traffic will use the local link between
them and ourselves rather than going
through the upstream transit provider
and attracting transit costs. Let's look
at the router A configuration. Router A
connects to the local peer and, as with
all BGP sessions to other autonomous
systems, we have inbound and outbound
filters. The outbound filter, "my block",
lets my prefixes out to the local peer,
and the prefix list "AS120 peer in" only
accepts the prefixes that they
originate into your network.
That's quite a simple configuration. An
alternative way of doing this is to use
an AS path filter for the inbound
announcements. This AS path filter only
allows prefixes originated by AS120, but
there's a risk there:
AS120 could originate anything, and you
have no control over what that might be.
So while some operators do use this
configuration, it's extremely trusting
that the peer is not going to announce
or mis-announce prefixes towards you. If
we look at router C, which connects to
the upstream provider, all we have here
is a prefix list allowing the default
route in and a prefix list allowing the
local aggregate out. So in this case
we've got a default route from the
upstream provider and we've allowed in a
couple of prefixes from our local peer.
Hardly a complicated BGP configuration,
and this is all that's required. Of the two
configurations possible for router A, the
prefix list is the best way of doing it;
it's industry standard, although you may
be a bit worried about the extra
maintenance. What if the peer introduces
another prefix? You have to update your
filter.
Well, again, industry best practices are
such that if the peer introduces another
prefix, the peer would let you know:
please update your filters to allow this
new prefix in. The filter list, filtering
by AS path, assumes that the peer knows what
they're doing and is very, very trusting.
In fact, some network operators use both:
they have a prefix list as well as an AS
path filter. They're trying to make very
sure that no mis-origination can happen
on the local peering link. And the result
of all this is local traffic goes to and
from the local peer; everything else goes
to the upstream. Should the link between
you and the local peer go away, then the
traffic will get backed up through
the upstream provider, a temporary
situation until the local peering link
is restored. Just some configuration
recommendations before we move on. A
private peer is a network operator that
you only want to exchange prefixes that
you originate with. Sometimes they
exchange prefixes from neighboring ASNs
as well; they may have BGP customers that
they wish to share with you. But be aware
that the private peer eBGP router should
carry only the prefixes you want the
private peer to receive, otherwise they
could point a default route to you and
unintentionally or deliberately transit
your backbone. So make sure that peering
routers do not carry the full BGP table or
have a default route on them, and
that's again industry best practice:
peering routers only carry the prefixes
you want your peers to be able to reach.
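
The three inbound filter choices for router A discussed in the talk (prefix list, AS path filter, or both), compared on a set of announcements. This is an added example, not configuration from the talk or its slides: the prefixes, the peer's registered block, AS64500 and the `^120$` pattern are constructed assumptions.

```python
import ipaddress
import re

# Assumed: the one prefix AS120 has told us it originates (constructed value).
AS120_PREFIXES = [ipaddress.ip_network("100.64.32.0/19")]

# Constructed announcements as received from the AS120 peer: (prefix, AS path).
ANNOUNCEMENTS = [
    ("100.64.32.0/19", "120"),        # the peer's own aggregate
    ("100.64.40.0/24", "120"),        # more specific of the peer's block
    ("198.51.100.0/24", "120"),       # someone else's space, originated by AS120
    ("100.64.8.0/24", "120"),         # more specific of our own aggregate (assumed 100.64.0.0/19)
    ("0.0.0.0/0", "120"),             # default route from the peer
    ("203.0.113.0/24", "120 64500"),  # route the peer learned from another AS
    ("100.64.32.0/19", "120 64500"),  # peer's prefix, but not originated by AS120
]


def prefix_list_permits(prefix, allowed=AS120_PREFIXES):
    """Exact-match prefix list: permit only the prefixes the peer registered."""
    return ipaddress.ip_network(prefix) in allowed


def as_path_permits(as_path, pattern=r"^120$"):
    """AS path filter: permit only paths consisting of AS120 alone."""
    return re.search(pattern, as_path) is not None


def accepted(policy):
    """Return the announcements accepted under 'prefix', 'aspath' or 'both'."""
    result = []
    for prefix, path in ANNOUNCEMENTS:
        by_prefix = prefix_list_permits(prefix)
        by_path = as_path_permits(path)
        decision = {"prefix": by_prefix, "aspath": by_path,
                    "both": by_prefix and by_path}[policy]
        if decision:
            result.append((prefix, path))
    return result


if __name__ == "__main__":
    for policy in ("prefix", "aspath", "both"):
        print(f"{policy:7} accepts {accepted(policy)}")
```

The AS path filter alone lets in the default route, the more specific of our own aggregate and the foreign /24, which is the trust problem the talk describes; combining both filters leaves only the peer's registered prefix with AS120 as origin.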
© Produced by Philip Smith and the Network Startup Resource Center, through the University of Oregon.
Attribution-NonCommercial 4.0 International (CC BY-NC 4.0)