AS8584 taking over the internet

Jerry Scharf scharf at
Thu Apr 9 22:34:10 UTC 1998


the horse is dead and partially dismembered, but we're still whacking away. 
Hopefully this will target the blows at the parts that are still not jelly.

1) Filtering is a good idea. If everyone did it, it would be a great idea. 
Getting everyone in the Internet to do anything is impossible, so maybe it's 
not the most useful solution.

2) there are groups working on ways to do announcement AS verification. there 
are two efforts in the IETF right now, in the RPS and IDR working groups. 
These will allow people to do distant source verification. These solutions 
look far more promising to me that saying everyone should filter. There is 
work beyond either of these proposals that gets harder, but both of these look 
to do a big chunk of problem for accidents like this.

Harping just a little more, unless the IP registries take the lead and push 
their hierarchical allocation tree data out and ISPs pick it up and do useful 
filtering with it, this problem will continue to occur regularly. Talk to your 
registry and your router vendors to start getting the pieces in place to get a 
global solution.

I think it is safe to say that more mail on NANOG saying people should 
neighbor filter will not solve this problem. Lets work on things that will.


More information about the NANOG mailing list