In this presentation, we examine facts and fiction of the filtering of peering sessions in the Internet core.

Large networks have traditionally not filtered peering sessions, preferring instead to trust their peers to correctly filter all customer connections. Although several incidents have caused network operators to reexamine this approach, few have been willing to attempt to filter all peering sessions due to the perceived difficulty of building and deploying the necessary prefix filters.

We present a novel technique for generating prefix filters in the absence of up-to-date IRR data, including an analysis of the accuracy that may be possible using the new technique. We also look at the operational impact and performance of using this technique on real-world infrastructures.

About the Presenters
Jim DeLeskie is a Senior Network Engineer at Teleglobe. His core areas of responsibility are core routing, peering, security, and network architecture. Prior to joining Teleglobe, Jim held several positions in both the vendor and service provide space over the past 10 years, including time at Rogers Cable, Avici Systems, and internetMCI.

Tom Scholl is a senior network engineer at SBC Internet Services, IP Core NP&E - Design & Standards. He currently works on defining SBCIS routing protocol policies, network architecture of both the IP and FTTx networks. and testing router code and hardware. Previously, Tom worked at Ameritech and various other Chicago ISPs.

Todd Underwood is in charge of operations and peering for Renesys. Before that he was CTO of Oso Grande, a New Mexico ISP. He has a background in systems engineering and security and has worked on a variety of systems architecture and scalability problems. Todd has presented work related to Internet routing dynamics and relationships at NANOG and various peering forums (LINX, S&D, NOTA).