North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: aggregation & table entries
- From: Christopher L. Morrow
- Date: Fri Oct 15 17:43:34 2004
On Fri, 15 Oct 2004, Paul Vixie wrote:
> > > > > And what do you do with a BGP customer which sends you traffic
> > > > > from prefixes he doesn't want to announce to you? There are such
> > > > > customers. Fail filter ACL?
> > > >
> > > > This has been my question with uRPF from the beginning. You can
> > > > solve this on for some networks, but it doesn't scale very
> > > > well. Especially where you really don't know that your customer's
> > > > customer is doing this.
> > >
> > > It's 2004, and so, your customers who want to do this have to
> > > explain why, and you have to maintain extra-ordinary filters for
> > > such customers, at either your cost or the customer's cost.
> > ah-ha! Patriot-Act!
I was reminded that I forgot my ":)" on that post... I was joking, sort
of, and NOT attempting to rile the politicos either. Poor choice of
time/place on my part.
> not nearly. i'm not asking you to take your shoes off before you get on
> an airplane, nor fingerprinting you before you enter the country, nor
> secretly searching your residence while you're at work. the closest
> analogue would be wanting your body to be on the plane if your luggage
> is, and wanting the name on your ticket to be the same as the name on
> your photo-id.
Agreed, and some of these things will come with time... As I mentioned
earlier on this thread (I think) 'new equipment requirements include
line-rate filtering on all interfaces' (vendors mostly have taken this to
heart, those that have not should read the former 'jones draft' now RFC
3871 and start doing things better)