[67930] in North American Network Operators' Group
Re: Converged Networks Threat (Was: Level3 Outage)
daemon@ATHENA.MIT.EDU (Matthew Crocker)
Wed Feb 25 14:37:43 2004
In-Reply-To: <1077735938.10589.292.camel@repulse.jsw.louisville.ky.us>
From: Matthew Crocker <matthew@crocker.com>
Date: Wed, 25 Feb 2004 14:32:23 -0500
To: 'nanog@merit.edu' <nanog@merit.edu>
Errors-To: owner-nanog-outgoing@merit.edu
>
> Yesterday we witnessed a large scale failure that has yet to be
> attributed to configuration, software, or hardware; however one need
> look no further than the 168.0.0.0/6 thread, or the GBLX customer who
> leaked several tens of thousands of their peers' routes to GBLX shortly
>
This should be rewritten 'Or GLBX who LET one of their customers leak
several tens of thousands of the peers routes...'. I'm sorry, a
network should be able to protect itself from its users and customers.
BGP filters are not that hard to figure out and peer prefix limits
should be part of every config. Don't trust the guy at the other end
of the pipe to do the right thing.
-Matt
