[77471] in North American Network Operators' Group
RE: Please Check Filters - BOGON Filtering IP Space 72.14.128.0/19
daemon@ATHENA.MIT.EDU (Christopher L. Morrow)
Fri Jan 21 00:28:58 2005
Date: Fri, 21 Jan 2005 05:24:23 +0000 (GMT)
From: "Christopher L. Morrow" <christopher.morrow@mci.com>
In-reply-to: <01EB7C28E9DF0B4FBD67D44A32F74283095356@sandcaexch01.pcipros.net>
To: James Laszko <james@pcipros.com>
Cc: Rob Evans <internetplumber@gmail.com>,
"Chris A. Epler" <cepler@hostmysite.com>, nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, 20 Jan 2005, James Laszko wrote:
>
> > > Whats so bad about decent secure defaults?
>
> > I don't consider a configuration that disenfranchises part of the
> > internet as "decent [...] defaults." :)
>
> The big problem that we're experiencing here is that the big telco
> ISP's, network providers and managed service providers that should have
> something better than a 'network monkey' running their routers are
> having BOGON filtering problems.
>
> We diagnosed a problem getting to east cost government sites and in
> working with SAVVIS, we corrected problems in a matter of hours. This
> has been the only positive progress we've made in unblackholing out
> network segment. We're going on day number 4 trying to get SBC to fix
> 'managed' local government routers.
you do understand that for SBC (or anyone who manages customer devices) to
make a change:
1) the customer has to be notified of the change and given a reason for
the change
2) the customer has to agree to the change (presumably they also have to
actually be contacted.... a task of it's own at times)
3) the change has to be scheduled into a maint window
4) the procedures and maintenance changes probably have to be checked over
with the 'network monkey' (as you put it) and customer
5) change happens, for 1 customer...
Wash, rinse, repeat for the other 70,000 routers you manage for
customers... This is definitely NOT a half-rack in a colo fix. Just
contacting the customers is a feat.
-Chris
