BGP filtering PA and PI blocks

BGP filtering PA and PI blocks
NewsGroups | Search | Tools
User Password
Register Now! Lost Password?
 comp.dcom.sys.cisco  Post an article  get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content  add this group's latest topics to your Google content  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
BGP filtering PA and PI blocks Glen Watson 06-12-2006
Posted by Glen Watson on June 12, 2006, 9:45 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Allot of documenation i have read suggest PA blocks are less likley to be
filtered out of BGP announcements that PI blocks.

Out of curiousity how does a filter differenciate between a PA and PI block,
i would have thought an address block can only be differentiated by its
prefix length alone ?



Posted by Arnold Nipper on June 12, 2006, 7:06 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
On 12.06.2006 15:45 Glen Watson wrote

> Allot of documenation i have read suggest PA blocks are less likley to be
> filtered out of BGP announcements that PI blocks.
>
> Out of curiousity how does a filter differenciate between a PA and PI block,
> i would have thought an address block can only be differentiated by its
> prefix length alone ?
>
>

Have for example a look at

inetnum: 195.50.106.0 - 195.50.106.255
netname: YAHOONET
descr: YAHOONET
country: GB
admin-c: KW3969-RIPE
tech-c: LTHM
status: ASSIGNED PA
remarks: all abuse reports to abuse@level3.com
mnt-by: LEVEL3-MNT
mnt-lower: LEVEL3-MNT
mnt-routes: YAHOO-MNT
source: RIPE # Filtered


The status field gives you information about PA or PI


Arnold
--
Arnold Nipper, AN45

Posted by Glen Watson on June 13, 2006, 8:16 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Thanks.

So do isp's actually compile a list PA an PI space using whois and put this
information into thier BGP route filters ? Seems it would be a very tedious
way of filtering PI announcements.

> On 12.06.2006 15:45 Glen Watson wrote
>
> > Allot of documenation i have read suggest PA blocks are less likley to
be
> > filtered out of BGP announcements that PI blocks.
> >
> > Out of curiousity how does a filter differenciate between a PA and PI
block,
> > i would have thought an address block can only be differentiated by its
> > prefix length alone ?
> >
> >
>
> Have for example a look at
>
> inetnum: 195.50.106.0 - 195.50.106.255
> netname: YAHOONET
> descr: YAHOONET
> country: GB
> admin-c: KW3969-RIPE
> tech-c: LTHM
> status: ASSIGNED PA
> remarks: all abuse reports to abuse@level3.com
> mnt-by: LEVEL3-MNT
> mnt-lower: LEVEL3-MNT
> mnt-routes: YAHOO-MNT
> source: RIPE # Filtered
>
>
> The status field gives you information about PA or PI
>
>
> Arnold
> --
> Arnold Nipper, AN45



Posted by chris on June 13, 2006, 6:03 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

> Thanks.
>
> So do isp's actually compile a list PA an PI space using whois and put
> this
> information into thier BGP route filters ? Seems it would be a very
> tedious
> way of filtering PI announcements.

No, that would be tedious and unmanageable. ISP usually filter on prefix
size and filter out long prefixes (say /24 and up) as ISP's usually
advertise /16, /17 etc.. That's one way of doing it anyway.

PI space would tend to have a longer prefix and so would be more likely to
be filtered by tier 1 (or maybe even tier 2) ISP's.

Chris.



Posted by Arnold Nipper on June 13, 2006, 6:56 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
On 14.06.2006 00:03 chris wrote

>> Thanks.
>>
>> So do isp's actually compile a list PA an PI space using whois and put
>> this
>> information into thier BGP route filters ? Seems it would be a very
>> tedious
>> way of filtering PI announcements.
>
> No, that would be tedious and unmanageable. ISP usually filter on prefix
> size and filter out long prefixes (say /24 and up) as ISP's usually
> advertise /16, /17 etc.. That's one way of doing it anyway.
>
> PI space would tend to have a longer prefix and so would be more likely to
> be filtered by tier 1 (or maybe even tier 2) ISP's.
>

To be more precise they actually might use something like
ftp://ftp.ripe.net/ripe/docs/ripe-380.txt which is also available for
the other registries (ARIN, AfriNIC, LACNIC and APNIC)


--
Arnold Nipper, AN45

Similar ThreadsPosted
two ip blocks May 29, 2008, 1:02 pm
BGP multihoming and PA blocks June 1, 2006, 5:40 am
DHCP on 2 ip blocks October 11, 2007, 11:11 am
PIX 501 Intermittently blocks SIP November 3, 2007, 9:12 pm
Cisco 1601-R w/ 2 IP blocks? June 15, 2006, 10:21 am
gre tunnel blocks printers June 22, 2007, 7:19 pm
Routing Question - Non-contiguous IP Blocks September 1, 2005, 10:40 am
PIX or Router blocks wireless users? November 7, 2005, 6:59 pm
VPN Client blocks alla incoming connections. April 8, 2005, 5:48 pm
MAC filtering on PIX, is it possible? April 24, 2005, 12:48 am

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map