[150458] in North American Network Operators' Group
Re: do not filter your customers
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Fri Feb 24 14:30:51 2012
In-Reply-To: <1E4FA693-C09B-41F1-9A19-733853007327@tcb.net>
Date: Fri, 24 Feb 2012 14:29:57 -0500
From: Christopher Morrow <morrowc.lists@gmail.com>
To: Danny McPherson <danny@tcb.net>
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Fri, Feb 24, 2012 at 2:26 PM, Danny McPherson <danny@tcb.net> wrote:
> happens by accident all the time. =A0How we can justify putting all
> that BGPSEC and RPKI machinery in place and not address this
> "leak" issue somewhere in the mix is, err.., telling.
I think if we asked telstra why they didn't filter their customer some
answer like:
1) we did, we goofed, oops!
2) we don't it's too hard
3) filters? what?
I suspect in the case of 1 it's a software problem that needs more
belts/suspenders
I suspect in the case of 2 it's a problem that could be shown to be
simpler with some resource-certification in place
I suspect 3 is not likely... (or I hope so).
So, even without defining what a leak is, providing a tool to better
create/verify filtering would be a boon.
