-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Job, On 13.12.13 21:08, Job Snijders wrote:
On Fri, Dec 13, 2013 at 08:31:39PM +0100, Harald Michl wrote:
We (ACOnet, the Austrian NREN, AS1853) do have several upstreams. More or less per random we detected that one of them delivers prefixes with a different route origin parameter (IGP instead of incomplete) than others. This obviously has a big influence in the BGP best-path selection. After asking why this is the case we learned from them:
On 28.11.13 10:32, support@xxx.com wrote:>
Hi Harald,
The XXX standard route map sets origin IGP as standard across all customer learned routes...
Now we are currently debating with them whether this is ok or not.
For me the igp attribute falls in same category as MED. If your routing policy is not to accept MEDs (thus rewriting them), you should for consistency purposes, also reset route origin attribute.
Of course we could rewrite all origin attributes to be the same. But that's like removing it from the best-path calculation. (this is not a problem, just a conclusion)
It is likely your upstream is resetting the origin to draw more traffic towards themselves. To level the playing field in your case, it might be beneficial to reset origin on outbound advertisement across all your upstreams.
Yes attracting more traffic could be a reason. But I think there is no reason why someone _has to_ rewrite the origin parameter. So I'd expect this data set by origin not to be changed during the bgp propagation. I also wonder which attributes will be signed in a more secure BGP environment in the long run. If the origin attribute is going to be one of these parameters then signature-checks will/would fail... - -Harald
Kind regards,
Job
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlKsKZsACgkQszNfQwh3cvRyKwCeL2viSzvpvd1Jy3Nf8q2Gu4wY XZwAoPNxBf4enTMtI1be9NnHIYPUPkqf =2/dl -----END PGP SIGNATURE-----