[38231] in North American Network Operators' Group


Re: engineering --> ddos and flooding

daemon@ATHENA.MIT.EDU (Jim Shankland)
Fri Jun 1 11:41:43 2001

Date: Fri, 1 Jun 2001 08:44:19 -0700
Message-Id: <200106011544.IAA03761@ndk.shankland.org>
From: Jim Shankland <nanog@shankland.org>
To: Dan Foster <dsf@frontiernet.net>,
	Andrew Dorsett <zerocool@netpath.net>
Cc: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu


Dan Foster <dsf@frontiernet.net> writes:

> I, too, am much looking forward to the proposed standards to turn this
> kind of thing into a non-event. :)

Well, look no further than here, for your prayers are answered:

	On any connection to an end-user, ISPs shall forward only
	packets with source addresses assigned to that end-user by
	the ISP.  Exceptions can be made for multi-homed
	end-users: e.g., if an end-user has 1.2.3.0/24 from ISP A,
	and 5.6.7.0/24 from ISP B, each ISP may choose to accept
	packets with source addresses from the block assigned by
	the other ISP, by prior arrangement with the end-user and
	the other ISP.

Now, if you're looking forward to the *implementation* of this
proposed standard, you had best be looking through a very strong
telescope.  It will happen some time after the last open SMTP relay
on the Internet is secured :-(.

Jim Shankland
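
The filtering rule proposed in the message above, as an added example that is not part of the original post: a per-connection source-address check, including the multi-homed exception. The class and function names, the destination addresses and the sample packets are constructed for illustration; the two /24 blocks are the ones used in the message.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class CustomerPort:
    """One end-user connection at the ISP edge (hypothetical model)."""
    name: str
    assigned: list                                       # prefixes this ISP assigned
    by_arrangement: list = field(default_factory=list)   # other ISP's blocks, agreed in advance

    def permits(self, src: str) -> bool:
        """True only if src falls inside a prefix allowed on this connection."""
        try:
            addr = ipaddress.ip_address(src)
        except ValueError:
            return False                                 # malformed source: never forward
        nets = [ipaddress.ip_network(p) for p in self.assigned + self.by_arrangement]
        return any(addr.version == n.version and addr in n for n in nets)


def filter_ingress(port, packets):
    """Split (src, dst) pairs into those forwarded and those dropped."""
    forwarded, dropped = [], []
    for src, dst in packets:
        (forwarded if port.permits(src) else dropped).append((src, dst))
    return forwarded, dropped


# ISP A assigned 1.2.3.0/24 and has agreed to also accept ISP B's 5.6.7.0/24.
ISP_A_PORT = CustomerPort("isp-a/cust-1", ["1.2.3.0/24"], ["5.6.7.0/24"])
# ISP B assigned 5.6.7.0/24 and has made no such arrangement.
ISP_B_PORT = CustomerPort("isp-b/cust-1", ["5.6.7.0/24"])

# Constructed sample traffic arriving from the end-user.
SAMPLE = [
    ("1.2.3.10", "198.51.100.1"),     # source assigned by ISP A
    ("5.6.7.20", "198.51.100.1"),     # source assigned by ISP B
    ("10.0.0.5", "198.51.100.1"),     # source assigned by neither ISP
    ("203.0.113.9", "198.51.100.1"),  # source belonging to someone else
]

if __name__ == "__main__":
    for port in (ISP_A_PORT, ISP_B_PORT):
        fwd, drop = filter_ingress(port, SAMPLE)
        print(port.name, "forwarded:", [s for s, _ in fwd], "dropped:", [s for s, _ in drop])
```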
