[161507] in North American Network Operators' Group
Re: [c-nsp] DNS amplification
daemon@ATHENA.MIT.EDU (Masataka Ohta)
Mon Mar 18 11:12:37 2013
Date: Tue, 19 Mar 2013 00:10:12 +0900
From: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
To: nanog@nanog.org
In-Reply-To: <51470E5F.4070804@gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Arturo Servin wrote:
> If you are the end-user organization with a multihomed topology you
> apply BCP38 within your own scope. This will help to have less spoofed
> traffic. Not solving all the problems but it would help not seeing your
> spoofed packets all over the Internet.
It does not help not seeing a spoofed packets with source addresses
of yours.
> And about the routing table size, it is not multihomed sites the
> offenders, it is large ISPs fragmenting because of traffic engineering
> or because lack of BGP knowledge.
As the number of *LARGE* ISPs is limited, it is not a problem.
Masataka Ohta
