Packet Kiddies Invade NANOG
David Barak
thegameiam at yahoo.com
Tue Mar 16 14:07:59 UTC 2004
--- Michael.Dillon at radianz.com wrote:
> Assuming that they are not sourcing the attacks
> in Banetele's AS, then you, the peer of Banetele
> are delivering the packet stream that kills the
> BGP session. How long before peering agreements
> require ACLs in border routers so that only BGP
> peering routers can source traffic destined to
> your BGP speaking routers?
Even better is to seperate the control plane from the
forwarding plane, and ensure that the control plane of
a given router cannot be spoken to by anyone who is
not either internal or a direct BGP peer. Why permit
garbage to touch your network?
-David Barak
-Fully RFC 1925 Compliant-
=====
David Barak
-fully RFC 1925 compliant-
__________________________________
Do you Yahoo!?
Yahoo! Mail - More reliable, more storage, less spam
http://mail.yahoo.com
More information about the NANOG
mailing list