[10748] in North American Network Operators' Group
Re: NSPs and filters
daemon@ATHENA.MIT.EDU (Dorian R. Kim)
Sun Jul 13 16:29:38 1997
Date: Sun, 13 Jul 1997 16:19:38 -0400 (EDT)
From: "Dorian R. Kim" <dorian@blackrose.org>
To: Vadim Antonov <avg@pluris.com>
cc: nanog@merit.edu
In-Reply-To: <199707130845.BAA03281@quest.pluris.com>
On Sun, 13 Jul 1997, Vadim Antonov wrote:
> randy> So, at POP X, I take in maybe 100 prefixes, with maybe 1000
> randy> at some POPs. How do I build and maintain that filter list,
>
> alan@mindvision.com (Alan Hannan) wrote:
>
> > The same way you build and maintain routing filter lists for the
> > prefixes you take in.
>
> Bzzt. Routing filter lists are applied to routing updates. Packet
> filter lists are applied to packets.
>
> Big difference.
>
> 1000-entry packet filter will slow any existing router down to crawl,
> and practically all future boxes won't do any better.
Vadim, I think Alan was talking about the mechanics of building such a list,
not deploying them in particular.
Given the information required to effectively filter cutomer routes, I'd
suggest that one has enough information to create a packet filter list based
on them. It's just matter of "simple" database work and automation. ;)
-dorian
