aggregation & table entries

Christopher L. Morrow christopher.morrow at
Fri Oct 15 21:41:21 UTC 2004

On Fri, 15 Oct 2004, Paul Vixie wrote:

> > > > > And what do you do with a BGP customer which sends you traffic
> > > > > from prefixes he doesn't want to announce to you? There are such
> > > > > customers.  Fail filter ACL?
> > > >
> > > > This has been my question with uRPF from the beginning. You can
> > > > solve this on for some networks, but it doesn't scale very
> > > > well. Especially where you really don't know that your customer's
> > > > customer is doing this.
> > >
> > > It's 2004, and so, your customers who want to do this have to
> > > explain why, and you have to maintain extra-ordinary filters for
> > > such customers, at either your cost or the customer's cost.
> >
> > ah-ha! Patriot-Act!

I was reminded that I forgot my ":)" on that post... I was joking, sort
of, and NOT attempting to rile the politicos either. Poor choice of
time/place on my part.

> not nearly.  i'm not asking you to take your shoes off before you get on
> an airplane, nor fingerprinting you before you enter the country, nor
> secretly searching your residence while you're at work.  the closest
> analogue would be wanting your body to be on the plane if your luggage
> is, and wanting the name on your ticket to be the same as the name on
> your photo-id.

Agreed, and some of these things will come with time... As I mentioned
earlier on this thread (I think) 'new equipment requirements include
line-rate filtering on all interfaces' (vendors mostly have taken this to
heart, those that have not should read the former 'jones draft' now RFC
3871 and start doing things better)

More information about the NANOG mailing list