BGP lockdown hints

As I am preparing talks for the upcoming WISPAPALOOZA 2014 in Las Vegas I am making some notes on advanced BGP.  If you are running BGP, and want to lock it down a little here are some general hints.  If you want more attend my session in Vegas or look here afterwords for the full rundown.

General Hints for BGP filter.

1.Filter all all the bogon addresses unless you have a specific need. If you have to ask you probably don’t have a need so filter it. Bogons are:,

2.Don’t accept your own IP space from upstreams.  There should be no reason someone is advertising your own IP space back to you that is not a downstream customer.  I mean dowstream as to someone you have assigned your own IP space to.

3.Limit the maximum number of prefixes your router will accept.

4.Most ISPs don’t announce anything less than a /24.  Configure your filters to not accept anything smaller than a /24 unless you have a specific need to do so.

5. Separate iBGP from eBGP.

6.Understand the defaults for the platform you are using.


mikrotik MUM new announcements

Radome for mANT antenna

cAP – ceiling AP

RB 850

CRS 8 port series – 8 Ethernet. 2 SFP+  More of a switch than a router

CRS112-8g-4s-in – 8 Ethernet 4 sfp

CRS212-1g-10s-1s+ – 1 Ethernet , 10 sfp, 1sfp+

all ports on switches wire speed

FTC -fiber to copper converter. Outdoor waterproof case. $39

CCR1072 – 72 core. 8 10 gig SFP+. Dual power supplies. Smart card slot. Coming November



Bitlomat Photos

Some of you have been asking for some photos of the Bitlomat CPE in real life.

The last photo is side by side compared to a UBNT M5 Nano

News from the WEB – ISP Edition
Add NewWave Communications
 to the growing list of ISPs large and small that are promising to soon offer 1 Gbps speeds — albeit to a tiny portion of their overall subscribers. The company has announced that they’re planning to offer 1 Gbps to a handful of rural markets starting next year
California this week became the first state in the country to pass a law requiring that cell phones include so-called “kill switch” functionality to deter theft, enabled by default
Intel is revealing what it calls the world’s smallest standalone wireless modem for connecting the Internet of things, or everyday things that are connected to the web like coffee machines that you can turn on with a mobile app.