engineering --> ddos and flooding
Jim Shankland
nanog at shankland.org
Fri Jun 1 15:44:19 UTC 2001
Dan Foster <dsf at frontiernet.net> writes:
> I, too, am much looking forward to the proposed standards to turn this
> kind of thing into a non-event. :)
Well, look no further than here, for your prayers are answered:
On any connection to an end-user, ISPs shall forward only
packets with source addresses assigned to that end-user by
the ISP. Exceptions can be made for multi-homed
end-users: e.g., if an end-user has 1.2.3.0/24 from ISP A,
and 5.6.7.0/24 from ISP B, each ISP may choose to accept
packets with source addresses from the block assigned by
the other ISP, by prior arrangement with the end-user and
the other ISP.
Now, if you're looking forward to the *implementation* of this
proposed standard, you had best be looking through a very strong
telescope. It will happen some time after the last open SMTP relay
on the Internet is secured :-(.
Jim Shankland
More information about the NANOG
mailing list