[95189] in North American Network Operators' Group


Re: Where are static bogon filters appropriate? was: 96.2.0.0/16

daemon@ATHENA.MIT.EDU (Sean Donelan)
Tue Mar 6 15:34:16 2007

Date: Tue, 6 Mar 2007 15:33:15 -0500 (EST)
From: Sean Donelan <sean@donelan.com>
To: Mikael Abrahamsson <swmike@swm.pp.se>
Cc: NANOG <nanog@merit.edu>
In-Reply-To: <Pine.LNX.4.64.0703061757550.15038@uplift.swm.pp.se>
Errors-To: owner-nanog@merit.edu


On Tue, 6 Mar 2007, Mikael Abrahamsson wrote:
> Also, all the examples you give imply a BGP transit customer. I am 
> imagining all kinds of customers, from colo customers where I am their 
> default gateway, to residential customers where it's the same way.

I tried to give examples upstream of a router, not a bridged/direct
connection which may have all sorts of unroutable junk which a router 
should not (and mostly doesn't) forward.  Although spoofing MAC addresses
is probably suspicious behavior in most bridged networks too.

> Disabling 
> their port and punting them to customer support is NOT a cost efficient way 
> of dealing with the problems, at least not in the market I am in.

Isn't this true of everything (bad source addresses, worms, abuse, etc.)? 
Does hiding/ignoring the problem just make it worse because there is no 
incentive to fix the problem while it is still a small problem? If it 
isn't important enough to bother the customer, why bother to fix it?

How you stop forwarding bad stuff is a local decision.  As long as you 
stop it, no one will turn off your interface. If your network is 
forwarding so many packets with false source addresses that it would be a 
major customer support cost issue to fix, your network probably has other 
configuration problems.  You are probably just deferring those customer
service costs until an unpredictable time in the future when those 
misconfigurations disrupt other parts of your network.
