an effect of ignoring BCP38
On Sep 11, 2008, at 10:10 AM, Valdis.Kletnieks at vt.edu wrote:
> Part of the problem is that if you're talking about the 5 biggest providers,
> and the 5 biggest transit, you're talking about places with routing swamps
> big enough, and with sufficient dragons in residence, that you really *can't*
> do BCP38 in any sane manner. AS1312 (us) is able to do very strict BCP38
> on a per-port level on every router port, because we *know* what's supposed to
> be on every subnet. By the time you walk our list of upstreams to any of
> the '5 biggest anything', you've gotten to places where our multihomed status
> means you can't filter our source address very easily (or more properly, where
> you can't filter multihomed sources in general).
I don't agree with this statement. I hear this a lot, and it's not
really true. Being multihomed doesn't mean that your source addresses
are likely to be random. (or would be valid if they were)
A significant portion of our customers, and *all* of the biggest
paying ones, are multihomed. And they might have a lot of different
ranges, but we know what the ranges are and filter on those.
> The MIT Spoofer project seems to indicate that closer to 50% *of the edge* is
> doing sane filtering. And that's where you need to do it - *edge* not *core*.
I've said much the same myself. With the caveat that if you aren't
doing it at the edge, you need to be doing it at the closest edge you
can find.
--
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source
and other randomness
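
The per-customer source filtering described in the reply above (a multihomed customer has several ranges, but they are known and listed), as an added example that is not part of the original message. The port names, prefixes and sample packets are constructed from documentation address ranges.

```python
import ipaddress

# Constructed per-port allow-lists (assumption: documentation prefixes only).
# "cust-a" is multihomed: one range is ours, one comes from its other
# upstream. Both are listed because both are legitimately sourced on that port.
PORT_PREFIXES = {
    "ge-0/0/1:cust-a": ["192.0.2.0/25", "198.51.100.0/24", "2001:db8:a::/48"],
    "ge-0/0/2:cust-b": ["203.0.113.0/26"],
}

def build_filters(port_prefixes):
    """Parse prefixes once; strict=True rejects entries with host bits set."""
    return {port: [ipaddress.ip_network(p, strict=True) for p in prefixes]
            for port, prefixes in port_prefixes.items()}

def permitted(filters, port, src):
    """BCP38 check: is src inside a range known to belong on this port?"""
    addr = ipaddress.ip_address(src)
    # A port with no configured ranges matches nothing (default deny).
    return any(addr.version == net.version and addr in net
               for net in filters.get(port, []))

def audit(filters, packets):
    """Return the (port, src) pairs that ingress filtering would drop."""
    return [(port, src) for port, src in packets
            if not permitted(filters, port, src)]

# Constructed sample traffic: (ingress port, source address).
SAMPLE = [
    ("ge-0/0/1:cust-a", "192.0.2.10"),       # our allocation to cust-a
    ("ge-0/0/1:cust-a", "198.51.100.77"),    # range from cust-a's other upstream
    ("ge-0/0/1:cust-a", "2001:db8:a:1::5"),  # cust-a IPv6
    ("ge-0/0/1:cust-a", "192.0.2.200"),      # outside the /25
    ("ge-0/0/1:cust-a", "10.1.2.3"),         # RFC 1918 source
    ("ge-0/0/2:cust-b", "203.0.113.5"),      # cust-b's own range
    ("ge-0/0/2:cust-b", "192.0.2.10"),       # valid for cust-a, not on this port
    ("ge-0/0/9:unknown", "203.0.113.5"),     # port with no configured ranges
]

if __name__ == "__main__":
    for port, src in audit(build_filters(PORT_PREFIXES), SAMPLE):
        print(f"drop  {port:18} src={src}")
```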