[161905] in North American Network Operators' Group
RE: BCP38 - Internet Death Penalty
daemon@ATHENA.MIT.EDU (Adam Vitkovsky)
Thu Mar 28 08:20:21 2013
From: Adam Vitkovsky <adam.vitkovsky@swan.sk>
To: 'Saku Ytti' <saku@ytti.fi>, <nanog@nanog.org>
In-Reply-To: <20130327191819.GA16425@pob.ytti.fi>
Date: Thu, 28 Mar 2013 13:20:07 +0100
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> If you are doing strict BGP prefix-filter, it's either very easy to
generate ACL while at it
Yes and that is exactly what needs to become a habit for all the operators.
We all do care what our neighbors advertise to us or what prefixes we accept
from them.
But only a few really do care whether that's actually what is leaving our
neighbor's network.
It's a pity that rpf is not "on" by default for interfaces over which the
ebgp session is configured.
adam
