[14567] in North American Network Operators' Group
Re: route ingress
daemon@ATHENA.MIT.EDU (Alex P. Rudnev)
Wed Jan 7 10:51:14 1998
Date: Wed, 7 Jan 1998 12:39:26 +0300 (MSK)
From: "Alex P. Rudnev" <alex@Relcom.EU.net>
To: Vadim Antonov <avg@pluris.com>
cc: "Sean M. Doran" <smd@clock.org>, nanog@merit.edu
In-Reply-To: <34B2A0E3.F049EC41@pluris.com>
I am sorry, but what for do you want it? Why is not efficient to use AS
identification in conjuction to IP prefix filtering at the 1't level ISPs
(and may be 2'nd level too), based on the NIC data base.
??
On Tue, 6 Jan 1998, Vadim Antonov wrote:
> Date: Tue, 06 Jan 1998 13:23:47 -0800
> From: Vadim Antonov <avg@pluris.com>
> To: "Sean M. Doran" <smd@clock.org>, nanog@merit.edu
> Subject: Re: route ingress
>
> Sean M. Doran wrote:
>
> > Vadim Antonov ?avg@pluris.com? writes:
> >
> > ? The only real solution is strong cryptographical authentication of
> > ? the ownership of routing prefixes. For some reason i do not see
> > ? any serious work in that direction being done.
> >
> > This would be much easier if we had a bottom-up
> > hierarchical addressing structure rather than the
> > current top-down one.
>
> I quite agree with that (though i'm not convinced that "bottom->top"
> allocation combined with recursive NATting is the best architecture).
>
> However, this does not preclude doing authentication with the current
> routing system.
>
> --vadim
>
>
>
Aleksei Roudnev, Network Operations Center, Relcom, Moscow
(+7 095) 194-19-95 (Network Operations Center Hot Line),(+7 095) 239-10-10, N 13729 (pager)
(+7 095) 196-72-12 (Support), (+7 095) 194-33-28 (Fax)
