[88169] in North American Network Operators' Group


Re: preventing future situations like panix

daemon@ATHENA.MIT.EDU (Josh Karlin)
Mon Jan 23 18:37:55 2006

Date: Mon, 23 Jan 2006 16:30:17 -0700
From: Josh Karlin <karlinjf@cs.unm.edu>
To: Todd Underwood <todd@renesys.com>
Cc: Bill Woodcock <woody@pch.net>, nanog@nanog.org
In-Reply-To: <20060123202426.GH2140@renesys.com>
Errors-To: owner-nanog@merit.edu


> > It seems like most of the routers which would need to make this decision
> > wouldn't have adequate information upon which to do so...
>
> not necessarily.  the decision could be made in "near real time" by
> building prefix filters based on the algorithms that josh and co have
> worked on and leaving a 'default deny' in place.  this moves the
> routing decision off of the router (which i agree does not have the
> history or resources to take these additional vectors of information
> into account) and over to a server with more storage and computational
> capacity.


The 'core' routers are definitely the best informed, though other ASs
which are multi-homed also come across a substantial bit of
information through updates.  Yet if only the core ASs were to run
such a solution, it would be sufficient to suppress most attacks for
at least a day.  The paper has more detail on that situation.
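
The off-router filter generation described in the quoted text above, as an added example that is not part of the original thread or the paper it mentions: a server keeps a history of observed (prefix, origin AS) pairs and emits permit entries followed by a default deny. The quarantine and history-window values, the sample observations and the output syntax are assumptions made for illustration.

```python
from datetime import datetime, timedelta
from ipaddress import ip_network

QUARANTINE = timedelta(days=1)       # assumed: age before a new origin is trusted
HISTORY_WINDOW = timedelta(days=10)  # assumed: pairs unseen for longer expire

# Constructed observations: (prefix, origin AS, first seen, last seen).
# Prefixes and AS numbers are documentation ranges, not real routes.
NOW = datetime(2006, 1, 23, 12, 0)
OBSERVED = [
    ("192.0.2.0/24", 64496, NOW - timedelta(days=90), NOW - timedelta(minutes=5)),
    ("198.51.100.0/24", 64497, NOW - timedelta(days=30), NOW - timedelta(hours=1)),
    # Same prefix, new origin first seen two hours ago: still quarantined.
    ("192.0.2.0/24", 64511, NOW - timedelta(hours=2), NOW - timedelta(minutes=1)),
    # Not announced for 40 days: aged out of the history.
    ("203.0.113.0/24", 64498, NOW - timedelta(days=200), NOW - timedelta(days=40)),
]

def build_filter(observed, now):
    """Return the set of (network, origin) pairs the router should accept."""
    allowed = set()
    for prefix, origin, first_seen, last_seen in observed:
        old_enough = now - first_seen >= QUARANTINE
        still_current = now - last_seen <= HISTORY_WINDOW
        if old_enough and still_current:
            allowed.add((ip_network(prefix), origin))
    return allowed

def permits(allowed, prefix, origin):
    """Default deny: only an exact (prefix, origin) match is accepted."""
    return (ip_network(prefix), origin) in allowed

def render(allowed):
    """Emit a vendor-neutral filter listing that ends in the default deny."""
    lines = [f"permit {net} origin-as {asn}" for net, asn in sorted(allowed)]
    return lines + ["deny any"]

if __name__ == "__main__":
    print("\n".join(render(build_filter(OBSERVED, NOW))))
```

Because matching is exact, a more-specific announcement of a known prefix is also rejected until it has its own history.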
