[32262] in North American Network Operators' Group
Re: [doable?] peer filtering (was Re: Trusting BGP sessions)
daemon@ATHENA.MIT.EDU (john heasley)
Wed Nov 15 16:48:41 2000
Date: Wed, 15 Nov 2000 13:40:09 -0800
From: john heasley <heas@shrubbery.net>
To: gerald@merit.edu
Cc: john heasley <heas@shrubbery.net>,
Kevin Oberman <oberman@es.net>, nanog@merit.edu
Message-ID: <20001115134009.E10339@shrubbery.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200011152125.QAA09908@outtolunch.merit.edu>; from gerald@merit.edu on Wed, Nov 15, 2000 at 04:25:59PM -0500
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, Nov 15, 2000 at 04:25:59PM -0500, gerald@merit.edu darkened my spool with the following:
>
>
> > > Since Sprint and UUnet don't seem to be willing to provide information
> > > in the IRR to allow us to generate access-lists/policies, and not
> > > peering with these folks would be a Bad Idea(tm), so we can't quite
> > > filter everyone. (If I could figure out a way to get them to register,
> > > I'd have fun trying, though.)
> >
> > so, the question is how to make registering irresistable? peering
> > contract requirement? peer pressure? :)
> >
>
> I would be very interested to hear from anyone who has problems/suggestions/
> criticisms/etc... with the current routing registry. In particular,
> it would be nice to hear from UUnet, Sprint and those people who
> choose not to register in the IRR.
>
> A few years ago the chief complaints were poor data integrity (ie, bogus/old
> /stale data), authentication/security and under-participation
> (ie, very few ISP's used the registry). Yes, these are very serious
> problems.
>
> The data integrity problem I am guessing would still be the main
> drawback people would cite.
>
> We/Merit have worked hard over the last several years to address
> the problems associated with the IRR and continue to do so. We
> are finally in a position to do something about the data integrity
> problem and expect to implement RFC2725 (ie, RPS auth) by mid-2001
> which should have a significant impact.
>
> But things change over time and I would like to hear what people
> think. Criticisms, suggestions, ...?
>
> --jerry winters (Merit)
i would venture to say that laziness would be one reason folks don't
register. possibly the primary.
havent you heard; diligence is passe. how many have md5 auth on all
their [ie]bgp sessions? <my hand is not raised, unfortunately>
