On 14/11/17 23:21, Gert Doering wrote:
Hi,
On Tue, Nov 14, 2017 at 10:12:11PM +1030, Mark Prior wrote:
1. Are you planning on doing that via a script or by eye-balling the policy?
eyeballing does not scale
True but I'm somewhat amazed that you try to understand someone else's policy anyway.
2. How useful is that if their export policy is announce { 0.0.0.0/0^0-24 } and community.contains(something)? Do you hunt for the import policies where community "something" is set?
We look for "which ASes are they going to announce, and which routes originate by those".
This fine-grained crap is something we ignore anyway (so, a tool that parses this and warns about non-understood extentions is ok, a tool that errors out is not helpful).
I would suggest it's not fine-grained crap but a sensible approach to classify the prefix only once. If you want to know about the ASes I might transit to you (and thus the prefixes they might announce through me) then you should be looking for an AS set that lists them rather than trying to "understand" a routing policy. If that tool is building configuration that is automatically loaded onto my routers then I don't want it to just warn about stuff it doesn't understand. I want it to complain (bitterly) and set an error status so I can investigate it. Mark.