[161947] in North American Network Operators' Group
Re: Tier 2 ingress filtering
daemon@ATHENA.MIT.EDU (Rajiv Asati (rajiva))
Thu Mar 28 19:45:31 2013
From: "Rajiv Asati (rajiva)" <rajiva@cisco.com>
To: Saku Ytti <saku@ytti.fi>
Date: Thu, 28 Mar 2013 23:45:19 +0000
In-Reply-To: <20130328233403.GA13048@pob.ytti.fi>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Saku,
> all these 100s of millions of ports configured correctly does not strike =
as
> practical goal.
It is practical, IMO, similar to configuring IP address/prefix (or QoS poli=
cies) on every port. =20
In fact, what makes it easier is that uRPF can be part of the template that=
can be universally applied to every edge port.=20
> Fixing 6000 non-stubby transit providers catering sufficiently small tail=
s
> is much more practical goal.
Agreed.
Cheers,
Rajiv
Sent from my Phone
On Mar 29, 2013, at 7:36 AM, "Saku Ytti" <saku@ytti.fi> wrote:
> On (2013-03-28 15:47 -0400), Jay Ashworth wrote:
>=20
>>> You can't do it at top-level nor it's not practical to hope that some
>>> day BCP38 is done in reasonably many last-mile port.
>>=20
>> I don't know that that's true, actually; unicast-rpf does, as I understa=
nd
>> it, most of the work, and is in most of the current firmware.
>=20
> Even if all of last mile devices support uRPF, which it does not, getting
> all these 100s of millions of ports configured correctly does not strike =
as
> practical goal.
> Fixing 6000 non-stubby transit providers catering sufficiently small tail=
s
> is much more practical goal.
>=20
> --=20
> ++ytti
>=20
