I got plenty of responses to the How could we filter extraneous BGP prefixes post, some of them referring to emerging technologies and clean-slate ideas, others describing down-to-earth approaches. Thank you all, you’re fantastic!
Almost everyone in the “down-to-earth” category suggested a more or less aggressive inbound filter combined with default routing toward upstream ISPs. Ideally the upstream ISPs would send you a responsibly generated default route; failing that, you could use static default routes pointing toward well-known critical infrastructure destinations (like root name servers) so the default keeps working even when an upstream misbehaves.
The best overall solution came from Killian: find a prefix filter that throws away most of the unnecessary garbage (bogons, martians, and over-specific deaggregates). Cisco was maintaining one a while ago (and now it’s gone); you might find something similar on the MANRS web site or in the Team Cymru GitHub repository.
Someone else also suggested (in an e-mail) dropping all prefixes that are more than three autonomous systems away. His reasoning: you’re probably not more than three autonomous systems away from a tier-1 ISP, and it doesn’t make much sense to second-guess them.
When implementing this idea, make sure you’re matching at most three distinct AS numbers (using a regular expression like this one), not AS paths up to three entries long. Because of AS-path prepending, an AS path can contain more entries than the number of autonomous systems it actually traverses, and a naive length-based filter would drop perfectly reachable prefixes from nearby networks.
If you want to achieve a more balanced traffic load, you could combine this idea with the one from Octavio: accept all prefixes from “near” autonomous systems, and from the rest of the Internet accept only the prefixes that are /18 or shorter (or whatever prefix-length cutoff still fits into your TCAM), relying on the default route for everything else.
In any case, you should start your contemplation with the business side of the problem: what’s the true business need for a full Internet routing table? Or, as Pete put it, “If you have traffic to justify the peerings, then you can presumably afford the router that can take full Internet BGP routing table.”