[95181] in North American Network Operators' Group
Re: Where are static bogon filters appropriate? was: 96.2.0.0/16
daemon@ATHENA.MIT.EDU (Mikael Abrahamsson)
Sun Mar 4 01:55:50 2007
Date: Sun, 4 Mar 2007 07:54:57 +0100 (CET)
From: Mikael Abrahamsson <swmike@swm.pp.se>
To: NANOG <nanog@merit.edu>
In-Reply-To: <Pine.GSO.4.64.0703032146500.7046@clifden.donelan.com>
Errors-To: owner-nanog@merit.edu
On Sat, 3 Mar 2007, Sean Donelan wrote:
> Instead of dropping packets with unallocated sources addresses, perhaps
> backbones should shutdown interfaces they receive packets from
> unallocated address space. Would this be more effective at both
> stopping the sources of unallocated addresses; as well as sources that
> spoof other addresses because the best way to prevent your interface
> from being shutdown by backbone operators is to be certain you only
> transmit packets with your source addresses.
uRPF or plain source-based filtering for the IP blocks allocated to the
customer is enough. Shutting it down doesn't make any commercial sense,
customers wont buy your service if their port is going to be shut down due
to a single packet. They'll (likely) understand if you won't forward a
packet from them which has a source address not not belonging to them,
though.
--
Mikael Abrahamsson email: swmike@swm.pp.se
