[17924] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

Re: Government scrutiny is headed our way

daemon@ATHENA.MIT.EDU (Kent W. England)
Wed Jun 17 11:42:28 1998

Reply-To: "Kent W. England" <kwe@geo.net>
From: "Kent W. England" <kwe@geo.net>
To: "Jon Lewis" <jlewis@inorganic5.fdt.net>, "Karl Denninger" <karl@mcs.net>
Cc: <nanog@merit.edu>
Date: Wed, 17 Jun 1998 07:17:29 -0700


If software from OFRV can do ingress source address checking without
performance penalty on edge devices, it should be included as a default. It
doesn't make sense to me to run around yelling about strange people in your
house if there is technology that can bar entry. Install the lock that is
already there and lock the door.

We just have to get creative about describing the inclusion of the feature,
attendance at a congressional hearing, a demonstration at an industry
conference, and a well written press release about how "we" are doing
something about the problem. IOPS could do this. NANOG's press secretary or
executive director could do this.  :-)

--Kent


From: Jon Lewis <jlewis@inorganic5.fdt.net>
>
>On IOS, aren't packets going through ip access-group filters (that don't
>do logging) fast switched as of some point in 11.2?  If ingress filtering
>no longer has to put a huge burdon on router CPUs, it would be nice to see
>ingress filtering on the routers backbone providers talk to customers
>with ...




home help back first fref pref prev next nref lref last post