an effect of ignoring BCP38
jrhett at netconsonance.com
Thu Sep 11 02:28:25 CDT 2008
On Sep 6, 2008, at 6:49 AM, k claffy wrote:
> do that many networks really allow spoofing? i used
> to think so, based on hearsay, but rob beverly's
> http://spoofer.csail.mit.edu/summary.php suggests
> things are a lot better than they used to be, arbor's
> last survey echos same. are rob's numbers inconsistent
> with numbers anyone else believes to be true?
I hate to spoil anyone's fantasies about this topic, but yeah.
Nearly everyone does.
I've been in, near, or directly in touch with enough big provider NOCs
in the last year on various DoS attach research issues, and nearly
nobody... that's right NONE of them were using BCP38 consistently.
Name the five biggest providers you can think of. They ain't doing
it. Now name the five best transit providers you can think of. They
ain't doing it either. (note that all of these claimed to be doing so
in that survey, but during attack research they admitted that it was
only in small deployments)
If someone told me (truthfully) that there was 10% BCP38 compliance
out there, I'd be surprised given what I have observed.
We don't have a long ways to finish. We have a long ways to start.
Finishing isn't even within the horizon yet.
Net Consonance : consonant endings by net philanthropy, open source
and other randomness
More information about the NANOG