[74788] in North American Network Operators' Group
Re: BCP38 making it work, solving problems
daemon@ATHENA.MIT.EDU (bmanning@vacation.karoshi.com)
Thu Oct 14 07:04:09 2004
Date: Thu, 14 Oct 2004 11:03:22 +0000
From: bmanning@vacation.karoshi.com
To: Michael.Dillon@radianz.com
Cc: nanog@merit.edu
In-Reply-To: <OFAC701DE9.ECCFB674-ON80256F2D.0039564D-80256F2D.003B5CD2@radianz.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, Oct 14, 2004 at 11:48:24AM +0100, Michael.Dillon@radianz.com wrote:
>
> > At 12:01 PM 10/13/04 +0200, Iljitsch van Beijnum wrote:
> > >Trusting the source when it says that its packets aren't evil might be
> > >sub-optimal. Evaluation of evilness is best left up to the receiver.
> >
> > Likely true. Next question is whether the receiver can really determine
> > that in real time. For some things, yes, but for many things it is not
> as
> > obvious to me.
>
> Correct me if I'm wrong here, but my interpretation of this
> suggestion was not that we should trust the source to mark
> packets but that we should trust our peers to mark packets.
...
>
> This doesn't mean that the non-evil bit is the only way,
> but the idea of network operators marking traffic in some
> way to indicate their level of confidence in its normality
> seems to be worth pursuing. It seems to be the natural
> progression of projects like the selection found at
> cymru.com.
>
> --Michael Dillon
ah ... so you have no problems with me marking your packets
anyway I choose, right? i suspect that a single tagging
scheme will be too prone to abuse and that it will be important
to have/allow the source to indicate its preferences.
i am reminded of one ISP announcing 128.0.0.0/3 some time back
based on the presumption that it could deliver any packet to the
correct destination in that range. ... :)
--bill
