[4665] in North American Network Operators' Group
Re: SYN flood messages flooding my mailbox
daemon@ATHENA.MIT.EDU (Vadim Antonov)
Mon Sep 23 22:43:50 1996
Date: Mon, 23 Sep 1996 19:40:21 -0700
From: Vadim Antonov <avg@quake.net>
To: nanog@merit.edu
rwoundy@VNET.IBM.COM wrote:
>where bitmask has a bit per every interfaces, so the bit if set if
>packet matching the prefix is allowed from that interface.
>How do you handle the case of an inter-exchange point, with multiple
>BGP neighbors per interface? The MAE-East NAP is the worst case
>(and not everyone at a NAP is a "transit AS").
I don't propose using that at exchange points or anywhere within
backbones, for that matter. This is for filering on edges _only_.
>What do you do with a prefix announced through two providers, where
>the prefix is taken from one provider's supernet? Wouldn't you need
>to check the RIB entries of all matching prefixes (including default)?
See before.
You just don't do that where you have interesting routing. Fortunately,
routing on customer tail links (and in IGP-only networks) is not
"interesting" in 99.99% of cases.
--vadim
