[46069] in North American Network Operators' Group


Re: Telco's write best practices for packet switching networks

daemon@ATHENA.MIT.EDU (Sean Donelan)
Tue Mar 12 02:56:22 2002

Date: Tue, 12 Mar 2002 02:54:49 -0500 (EST)
From: Sean Donelan <sean@donelan.com>
To: Jake Khuon <khuon@NEEBU.Net>
Cc: nanog@merit.edu
In-Reply-To: <200203111209.g2BC911x012633@wooj.com>
Message-ID: <Pine.GSO.4.40.0203120231180.3462-100000@clifden.donelan.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu



On Mon, 11 Mar 2002, Jake Khuon wrote:
> There were workable solutions even back then.  I think we all just chose the
> path of least resistance because it was easier and the risk factors were
> perceived to be low.  We all know that was a false assumption.  I remember
> the first smurf attack against mae-east and how it knocked out quite a few
> peers.

Yep, I understand.  History is never as neat as we would like.  It
may have been suitable in the past.  Is it time to change?

I'm not suggesting RFC1918 space for internal backbone routers and IXPs,
but not announcing your internal-only nets would (slightly) increase the
difficulty of attacking the core.  It doesn't even require ISPs to agree
on a best practice.  A provider can choose to implement it themselves
to protect their own core network.

Perhaps the attacks on core routers aren't bad enough to justify such
a drastic step yet.  I get conflicting signals from engineers still
working.  Some say they see attacks all the time, others say they've
never seen one on their core routers.
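
An added example, not part of the original post: a check that compares the prefixes a provider announces against the ranges it means to keep internal-only, flagging exact matches, more-specifics, and covering aggregates (an announced aggregate that contains internal-only space still gives outside networks a route toward it). The prefix lists and the function name are constructed for illustration.

```python
import ipaddress

# Constructed sample data (documentation and RFC 1918 ranges, not from the post).
INTERNAL_ONLY = ["198.51.100.0/26", "203.0.113.128/25", "10.255.0.0/24"]
ANNOUNCED = ["198.51.100.0/24", "203.0.113.0/25", "192.0.2.0/24",
             "203.0.113.192/26"]


def audit_announcements(announced, internal_only):
    """Return (announced, internal, relation) for each announced prefix
    that makes internal-only address space reachable from outside."""
    internal = [ipaddress.ip_network(p) for p in internal_only]
    findings = []
    for text in announced:
        ann = ipaddress.ip_network(text)
        for net in internal:
            if ann.version != net.version:
                continue  # never compare IPv4 against IPv6
            if ann == net:
                relation = "exact"
            elif net.subnet_of(ann):
                # Internal range is carved out of a larger announced block.
                relation = "covering-aggregate"
            elif ann.subnet_of(net):
                # A piece of the internal range is announced on its own.
                relation = "more-specific"
            else:
                continue  # disjoint prefixes
            findings.append((str(ann), str(net), relation))
    return findings


if __name__ == "__main__":
    for ann, net, relation in audit_announcements(ANNOUNCED, INTERNAL_ONLY):
        print(f"{ann} exposes internal-only {net} ({relation})")
```
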


