[56506] in North American Network Operators' Group
RE: 69/8...this sucks -- Centralizing filtering..
daemon@ATHENA.MIT.EDU (Mark Segal)
Mon Mar 10 10:29:28 2003
From: Mark Segal <MSegal@FUTUREWAY.CA>
To: nanog@merit.edu
Date: Mon, 10 Mar 2003 10:27:35 -0500
Errors-To: owner-nanog-outgoing@merit.edu
What surprises me most about this entire thread is the lack of centralized
filtering.
Since most service providers should be thinking about a sink hole network
for security auditing (and backscatter), why not have ONE place where you
advertise all unreachable, or better yet -- a default (ie everything NOT
learned through BGP peers), and just forward the packets to a bit bucket..
Which is better than an access list since, now we are forwarding packets
instead of sending them to a CPU to increase router load.
I don't think ARIN can help the situation. ISPs just need to remove the
access lists from each router in the network and centralize them.
Regards,
mark
--
Mark Segal
Director, Data Services
Futureway Communications Inc.
Tel: (905)326-1570
> -----Original Message-----
> From: E.B. Dreger [mailto:eddy+public+spam@noc.everquick.net]
> Sent: March 10, 2003 10:17 AM
> To: nanog@merit.edu
> Subject: Re: 69/8...this sucks
>
>
>
> > Date: Mon, 10 Mar 2003 09:46:33 +0000
> > From: Michael.Dillon
>
>
> > I have suggested that ARIN should set up an LDAP server to
> publish the
> > delegation of all their IP address space updated
>
> Not bad, but will the lazy ISPs set up an LDAP server to
> track changes they aren't tracking now? Will those with
> erroneous filters magically change simply because of LDAP? I
> still contend the answer is is a boot to the head that
> screams to them, "Update your freaking filters!"
>
>
> Eddy
> --
> Brotsman & Dreger, Inc. - EverQuick Internet Division
> Bandwidth, consulting, e-commerce, hosting, and network building
> Phone: +1 (785) 865-5885 Lawrence and [inter]national
> Phone: +1 (316) 794-8922 Wichita
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
> From: A Trap <blacklist@brics.com>
> To: blacklist@brics.com
> Subject: Please ignore this portion of my mail signature.
>
> These last few lines are a trap for address-harvesting
> spambots. Do NOT send mail to <blacklist@brics.com>, or you
> are likely to be blocked.
>
