[28049] in North American Network Operators' Group
Re: Policies: Routing a subset of another ISP's address block
daemon@ATHENA.MIT.EDU (Phillip Vandry)
Wed Apr 5 19:22:36 2000
Date: Wed, 5 Apr 2000 19:10:30 -0400 (EDT)
From: Phillip Vandry <vandryp@psi.ca>
Message-Id: <200004052310.TAA21325@Iodine.Mlink.NET>
To: Jesper Skriver <jesper@skriver.dk>
Cc: David Harrison <david.harrison@interpath.net>, nanog@merit.edu
In-reply-to: Your message of "Wed, 05 Apr 2000 18:01:27 EDT."
<20000405180127.C77495@skriver.dk>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Errors-To: owner-nanog-outgoing@merit.edu
> I can say for sure, that we doesn't accept more specific announcements within
> our PA blocks, nor does we accept traffic with a source within these
> blocks.
So you might not allow a customer to break up your block, but you haven't
said that you wouldn't allow a customer to announce a fragmented block
belonging to someone else, supposing this other party does not share
your policy.
> > I don't see the logic behind refusing the customer a request of this sort.
>
> Exploding routing tables, and it makes it impossible to do anti-spoofing
> filters ...
You're going to have to exempt multihomed downstream customers from your
anti spoofing filters anyway, whether they use your space, someone else's
or their own. To put it another way, if you have clueful downstreams,
you should delegate anti spoofing to them, they will do it closer to
the edge where there is no asymetrical routing.
-Phil
