Smurfing and IP filtering

Jeff Mcadams jeffm at
Thu Jan 14 15:57:29 UTC 1999

Thus spake Steven J. Sobol
>On Thu, Jan 14, 1999 at 01:30:01PM +0300, Alex P. Rudnev wrote:
>> There is RFC recommendation for the router.

>> Why there is not RFC describing the policy (mandatory!) for the ISP?

>An RFC is a recommendation. A typical RFC usually ends up being a de-facto
>standard, however it does not have the force of law.

>Backbone operators have to start putting pressure on their downstreams to
>fix their router configs. The downstreams have to put pressure on THEIR
>downstreams, etc. The only way to get everyone to fix their routers is to
>write clauses into contracts saying "if your network ends up being a smurf
>amplifier, and we find that your routers are misconfigured, you will be
>disconnected from the Net without any kind of refund or credit for your
>downtime, and you will remain down until you fix things."

>That, and education, will do the trick.

True, but publishing an RFC to add some weight to that might help in
that education effort and help the upstreams convince their downstreams
that it needs to be done.  A well written RFC might also be a document
that the upstreams could send to the downstreams to help them understand
actually what's going on with the situation and help them understand why
it needs to be fixed (why in the greater overall good scheme of things,
though why in the "do this or we're axing your connection" will help as
well).  If the issues are outlined in a nice format that people can
read, I suspect you'll get less opposition from downstreams that don't
want to muck with their already fine (as far as their performance can
tell) router configs.

While I, and threatening to ax connections *should* do
the trick, the sad truth here is that before you can deal with router
configs, you're dealing with humans in these organizations that you have
to convince this is a good thing to do.  I believe that an RFC would
*help* to do that.  No, it shouldn't be necessary, but if there's very
little downside to it (and I don't see much downside to publishing an
RFC...maybe a Best Current Practices or something), and there's some
upside to it in that it might help convince some recalcitrant or
ignorant network operators out there to change their router
configs...well then, I say, let's do it.
Jeff McAdams                            Email: jeffm at
Head Network Administrator              Voice: (502) 966-3848
IgLou Internet Services                        (800) 436-4456

More information about the NANOG mailing list