November 3, 2014
BGP Community based filtering
- BGP community implementation
Mike O’Connor suggested a clarification to community tag 65010:XXXX “do not announce to ASxxxx. This applies to end sites only, NSP ASN’s will not be blocked. A site wishing to block their own route prefixes from being advertised to a remote LHCONE participant must specify and tag each individual end site separately. The consensus is that preventing an NSP from distributing your sites prefixes to “all” of it’s customers is too broad and increases the risk of unintended consequences as NSPs add new sites and potentially new experiments, BELLE-II for instance.
- BGP Community Completion Status
Dante, ESnet, I2, Nordunet have completed the implementation of the five mandatory communities listed at: https://twiki.cern.ch/twiki/bin/view/LHCONE/LhcOneVRF#BGP_communities
CANET and Cern please send your networks compliance status to the LHCONE operations list as soon as it can be verified.
Mian Usman brought up the issue of NRENs that support LHCONE sites that were not on the call and may not have implemented the LHCONE BGP community service, or may have sites with private ASNs that are not visible to remote participants and so can not be blocked.
Mian will compile a list of LHCONE participating NRENs that peer with the GEANT network in order to move through the BGP community implementation uniformly and completely.
- Discussion of capabilities provided
Bruno Hoeft discussed a potential issue regarding the effectiveness of prepending ASNs to traffic engineer between LHCONE and LHCOPN networks. In most if not all cases the LHCOPN AS path is shorter than the LHCONE AS path for the same prefix and this may render AS path prepending ineffective within the LHCOPN LHCONE context.
- Testing and documentation
An LHCONE document describing how an end site should plan and configure their BGP to take advantage of these new services needs to be posted to the CERN wiki.
We need volunteers, please respond to the operations list if you are interested.
Service verification tests need to be developed in coordination with end sites.
NSPs are encouraged to touch base with their customers to request their participation.
The how-to documentation discussed above should be provided to the customer sites participating in the tests and should be revised based on site input during the testing process.
The next LHCONE operations call will be held on November 17th, 2014.