Best Common Practice - Listening to local routes from peers?

Patrick W.Gilmore patrick at ianai.net
Fri Feb 27 04:28:18 UTC 2004


On Feb 26, 2004, at 11:22 PM, Michael Smith wrote:

> We have a customer of a customer who is attempting to send traffic from
> IP space we control, through the Internet and back into us via one of
> our transit connections.
>
> I have filters in place that block all inbound traffic from the blocks I
> announce coming in over my transit and peering connections.  This is
> breaking the downstream customer's ability to route from them, through
> UUNet, and back to me.
>
> I'm curious what the Best Common Practice is for this type of scenario.
> I have always used this type of filtering as a way to bury
> source-spoofed traffic in a DDOS situation but I'm not sure if it's
> appropriate, generally speaking.

It is a good idea to filter source IP on the edge.  Since your customer 
has more than one upstream, filtering their IP space at your border is 
not "the edge".

Filter their source IP where your network meets their network.  Filter 
your source IP at your upstream borders.

My $0.0000003411284. :)

-- 
TTFN,
patrick
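
Added example, not part of the original message or of either poster's configuration: a small Python model of the two filter placements discussed in this thread, comparing the blanket border filter from the question with one reading of the advice in the reply. All prefixes (RFC 5737 documentation ranges) and function names are constructed for illustration.

```python
import ipaddress

# Constructed addressing from RFC 5737 documentation ranges; none of it is from the thread.
PROVIDER_BLOCKS = [ipaddress.ip_network("198.51.100.0/24")]       # space the provider announces
MULTIHOMED_CUSTOMER = [ipaddress.ip_network("198.51.100.128/25")]  # customer with a second upstream


def _matches(src, prefixes):
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in prefixes)


def blanket_border_permit(src):
    """Filter described in the question: drop every announced block at transit/peering."""
    return not _matches(src, PROVIDER_BLOCKS)


def border_permit(src):
    """Upstream border: drop the provider's own sources, but not the multihomed
    customer's space, which can legitimately arrive via their other upstream."""
    if _matches(src, MULTIHOMED_CUSTOMER):
        return True
    return not _matches(src, PROVIDER_BLOCKS)


def customer_edge_permit(src, customer_prefixes=MULTIHOMED_CUSTOMER):
    """Customer-facing interface: accept only sources the customer was assigned."""
    return _matches(src, customer_prefixes)


def compare(samples):
    """Return (src, blanket, border, customer_edge) verdicts for each sample source."""
    return [(s, blanket_border_permit(s), border_permit(s), customer_edge_permit(s))
            for s in samples]


if __name__ == "__main__":
    # Constructed sample sources: customer host, provider-internal host, unrelated host.
    for row in compare(["198.51.100.200", "198.51.100.10", "203.0.113.5"]):
        print("%-16s blanket=%-5s border=%-5s customer_edge=%s" % row)
```

In this model the border exemption covers only the multihomed prefix, so spoofed packets claiming that prefix can still arrive over transit, while the rest of the provider's space stays filtered there.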



