[74854] in North American Network Operators' Group
Re: aggregation & table entries
daemon@ATHENA.MIT.EDU (Christopher L. Morrow)
Fri Oct 15 17:41:58 2004
Date: Fri, 15 Oct 2004 21:41:21 +0000 (GMT)
From: "Christopher L. Morrow" <christopher.morrow@mci.com>
In-reply-to: <20041015211937.B478813E14@sa.vix.com>
To: Paul Vixie <paul@vix.com>
Cc: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
On Fri, 15 Oct 2004, Paul Vixie wrote:
>
> > > > > And what do you do with a BGP customer which sends you traffic
> > > > > from prefixes he doesn't want to announce to you? There are such
> > > > > customers. Fail filter ACL?
> > > >
> > > > This has been my question with uRPF from the beginning. You can
> > > > solve this on for some networks, but it doesn't scale very
> > > > well. Especially where you really don't know that your customer's
> > > > customer is doing this.
> > >
> > > It's 2004, and so, your customers who want to do this have to
> > > explain why, and you have to maintain extra-ordinary filters for
> > > such customers, at either your cost or the customer's cost.
> >
> > ah-ha! Patriot-Act!
I was reminded that I forgot my ":)" on that post... I was joking, sort
of, and NOT attempting to rile the politicos either. Poor choice of
time/place on my part.
>
> not nearly. i'm not asking you to take your shoes off before you get on
> an airplane, nor fingerprinting you before you enter the country, nor
> secretly searching your residence while you're at work. the closest
> analogue would be wanting your body to be on the plane if your luggage
> is, and wanting the name on your ticket to be the same as the name on
> your photo-id.
Agreed, and some of these things will come with time... As I mentioned
earlier on this thread (I think) 'new equipment requirements include
line-rate filtering on all interfaces' (vendors mostly have taken this to
heart, those that have not should read the former 'jones draft' now RFC
3871 and start doing things better)
