Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: IP economics morphed into (TCP/RST)

  • From: Stephen J. Wilcox
  • Date: Thu Apr 22 11:57:45 2004 
On Thu, 22 Apr 2004, Blaine Christian wrote:

> 
> 
> > Can I use secondary IP addresses and then BGP with these addresses, this
> > would be a form of "security by obscurity" but providing you can keep the
> > info a secret thats surely going to do it?
> 
> It will depend on your architecture in large part.  In some cases there is
> absolutely no need to route the prefixes that you use for your BGP sessions
> beyond the devices doing BGP.  This can reduce your exposure to MD5 related
> cpu churn etc...

Yes, but (1) its difficult and (2) as these are external sessions I need to 
ensure my peers are doing the same, as the chances are they wont and the chances 
are the attack comes in externally then I'm still at risk

Steve


Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.