69/8...this sucks -- Centralizing filtering..

Haesu haesu at towardex.com
Mon Mar 10 15:54:54 UTC 2003


> Since most service providers should be thinking about a sink hole network
> for security auditing (and backscatter), why not have ONE place where you
> advertise all unreachable, or better yet -- a default (i.e. everything NOT
> learned through BGP peers), and just forward the packets to a bit bucket..
> Which is better than an access list since, now we are forwarding packets
> instead of sending them to a CPU to increase router load.
>
> I don't think ARIN can help the situation.  ISPs just need to remove the
> access lists from each router in the network and centralize them.


I totally agree with you. However, as always, with centralized systems,
while they ease management and scalability, everything becomes a trust issue
and a single point of failure or source of problems...

Maybe this could be a subscription-based type of service, something like
RADB, where everyone subscribes to a central filtering list that is
managed by a separate organization? I really like Rob's bogon
route-server setup.

-hc

>
> Regards,
> mark
>
> --
> Mark Segal
> Director, Data Services
> Futureway Communications Inc.
> Tel: (905)326-1570
>
>
> > -----Original Message-----
> > From: E.B. Dreger [mailto:eddy+public+spam at noc.everquick.net]
> > Sent: March 10, 2003 10:17 AM
> > To: nanog at merit.edu
> > Subject: Re: 69/8...this sucks
> >
> >
> >
> > > Date: Mon, 10 Mar 2003 09:46:33 +0000
> > > From: Michael.Dillon
> >
> >
> > > I have suggested that ARIN should set up an LDAP server to publish the
> > > delegation of all their IP address space updated
> >
> > Not bad, but will the lazy ISPs set up an LDAP server to
> > track changes they aren't tracking now?  Will those with
> > erroneous filters magically change simply because of LDAP?  I
> > still contend the answer is a boot to the head that
> > screams to them, "Update your freaking filters!"
> >
> >
> > Eddy
> > --
> > Brotsman & Dreger, Inc. - EverQuick Internet Division
> > Bandwidth, consulting, e-commerce, hosting, and network building
> > Phone: +1 (785) 865-5885 Lawrence and [inter]national
> > Phone: +1 (316) 794-8922 Wichita
> >
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
> > From: A Trap <blacklist at brics.com>
> > To: blacklist at brics.com
> > Subject: Please ignore this portion of my mail signature.
> >
> > These last few lines are a trap for address-harvesting
> > spambots. Do NOT send mail to <blacklist at brics.com>, or you
> > are likely to be blocked.
> >
>
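
An added example, not part of the thread or any poster's own code: a check for the stale-filter problem discussed above, comparing a router's local bogon filter against a centrally published list of allocated space. The prefix lists are constructed sample data and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data: a local bogon filter that was never refreshed,
# and a central list of space that has since been allocated.
LOCAL_FILTER = ["0.0.0.0/8", "10.0.0.0/8", "69.0.0.0/8", "70.0.0.0/7", "127.0.0.0/8"]
ALLOCATED = ["69.0.0.0/8", "70.0.0.0/8"]

def parse(prefixes):
    return [ipaddress.ip_network(p) for p in prefixes]

def stale_entries(local_filter, allocated):
    """Return (filter_entry, allocated_prefix) pairs where a filtered
    prefix overlaps space that is now allocated."""
    return [(str(f), str(a))
            for f in parse(local_filter)
            for a in parse(allocated)
            if f.overlaps(a)]

def refreshed_filter(local_filter, allocated):
    """Rebuild the filter with allocated space carved out of every entry."""
    result = []
    for f in parse(local_filter):
        pieces = [f]
        for a in parse(allocated):
            kept = []
            for p in pieces:
                if not p.overlaps(a):
                    kept.append(p)                       # untouched
                elif a != p and a.subnet_of(p):
                    kept.extend(p.address_exclude(a))    # keep the remainder
                # otherwise p lies wholly inside allocated space: drop it
            pieces = kept
        result.extend(pieces)
    return [str(n) for n in sorted(result)]

def is_dropped(address, filter_list):
    """True if a packet from this source address would hit the filter."""
    ip = ipaddress.ip_address(address)
    return any(ip in net for net in parse(filter_list))

if __name__ == "__main__":
    for entry, alloc in stale_entries(LOCAL_FILTER, ALLOCATED):
        print(f"stale: {entry} overlaps allocated {alloc}")
    print("refreshed:", refreshed_filter(LOCAL_FILTER, ALLOCATED))
```

Run against each router's filter, or once against a central list that all routers pull from, this reports entries that now block legitimate sources.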
