Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Packet Kiddies Invade NANOG

  • From: David Barak
  • Date: Tue Mar 16 09:10:25 2004


--- Michael.Dillon@radianz.com wrote:

> Assuming that they are not sourcing the attacks
> in Banetele's AS, then you, the peer of Banetele
> are delivering the packet stream that kills the
> BGP session. How long before peering agreements
> require ACLs in border routers so that only BGP 
> peering routers can source traffic destined to
> your BGP speaking routers?

Even better is to seperate the control plane from the
forwarding plane, and ensure that the control plane of
a given router cannot be spoken to by anyone who is
not either internal or a direct BGP peer.  Why permit
garbage to touch your network?  

-David Barak
-Fully RFC 1925 Compliant-

=====
David Barak
-fully RFC 1925 compliant-

__________________________________
Do you Yahoo!?
Yahoo! Mail - More reliable, more storage, less spam
http://mail.yahoo.com




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.