[27179] in North American Network Operators' Group
Re: Yahoo! Lessons Learned
daemon@ATHENA.MIT.EDU (Randy Bush)
Wed Feb 9 22:06:03 2000
From: Randy Bush <randy@psg.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
To: robert@UU.NET
Cc: nanog@nanog.org
Message-Id: <E12IjuQ-00028m-00@roam.psg.com>
Date: Wed, 09 Feb 2000 19:04:46 -0800
Errors-To: owner-nanog-outgoing@merit.edu
> Yes, we have tested "source validation" in our live dial network. Yes,
> there is a performance impact. "Can do" or "Can't do" depends on how many
> dial customers you are trying to pile into one box, and what equipment you
> are using.
yup.
> Also, ingress filtering one-hop-up isn't necessarily so easy. Some of us
> will dynamically route prefixes other than /32 to certain dial customers.
> This complicates things.
yup. and worse, sometimes one does not have control over the cpe, and the
next hop, the pop aggragation box, is getting highly aggregated telco with
hundreds of dedicated customers per physical interface. hence one can run
into the not-enough-horses-to-packet-filter condition on the first level
aggregation.
randy
