[169499] in North American Network Operators' Group
Re: Filter NTP traffic by packet size?
daemon@ATHENA.MIT.EDU (=?ISO-8859-1?Q?J=E9r=F4me_Nicolle?)
Fri Feb 28 10:51:18 2014
Date: Fri, 28 Feb 2014 16:50:47 +0100
From: =?ISO-8859-1?Q?J=E9r=F4me_Nicolle?= <jerome@ceriz.fr>
To: nanog@nanog.org
In-Reply-To: <CA+E3k92tSRhzBbu5gEAAyfg63cq-2Et7BdKX6CHU9nL7ms53+w@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Hi Royce,
Le 23/02/2014 20:48, Royce Williams a écrit :
> Newb question ... other than retrofitting, what stands in the way of
> making BCP38 a condition of peering?
Good point ! And simple answer : most peers wouldn't support the hassle
yet, thus reducing peering density and interest.
I operate a small IXP in southern France and none of my members is
currently BCP38 compliant. Of 16 members only one is known to work on
the issue.
Funny thing beeing that most active members are also switching to
Juniper routers and all had been contributing as NTP reflectors because
of JunOS bugs.
I'd rather consider implementing ACLs on member ports to filter-out
illegitimate prefixes (cannot do OpenFlow on cheap L2 switches :( )
rather than making BCP38 compliance mandatory.
Best regards,
--
Jérôme Nicolle
+33 6 19 31 27 14
