[68746] in North American Network Operators' Group
Re: Packet Kiddies Invade NANOG
daemon@ATHENA.MIT.EDU (David Barak)
Tue Mar 16 09:08:42 2004
Date: Tue, 16 Mar 2004 06:07:59 -0800 (PST)
From: David Barak <thegameiam@yahoo.com>
To: Michael.Dillon@radianz.com, nanog@merit.edu
In-Reply-To: <OF08D8EB34.A27C9D68-ON80256E59.003B6459-80256E59.003BF144@radianz.com>
Errors-To: owner-nanog-outgoing@merit.edu
--- Michael.Dillon@radianz.com wrote:
> Assuming that they are not sourcing the attacks
> in Banetele's AS, then you, the peer of Banetele
> are delivering the packet stream that kills the
> BGP session. How long before peering agreements
> require ACLs in border routers so that only BGP
> peering routers can source traffic destined to
> your BGP speaking routers?
Even better is to seperate the control plane from the
forwarding plane, and ensure that the control plane of
a given router cannot be spoken to by anyone who is
not either internal or a direct BGP peer. Why permit
garbage to touch your network?
-David Barak
-Fully RFC 1925 Compliant-
=====
David Barak
-fully RFC 1925 compliant-
__________________________________
Do you Yahoo!?
Yahoo! Mail - More reliable, more storage, less spam
http://mail.yahoo.com
