aggregation & table entries

• Previous message (by thread): aggregation & table entries
• Next message (by thread): BCP38 making it work, solving problems
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 15 Oct 2004, Paul Vixie wrote:

>
> > > > > And what do you do with a BGP customer which sends you traffic
> > > > > from prefixes he doesn't want to announce to you? There are such
> > > > > customers.  Fail filter ACL?
> > > >
> > > > This has been my question with uRPF from the beginning. You can
> > > > solve this on for some networks, but it doesn't scale very
> > > > well. Especially where you really don't know that your customer's
> > > > customer is doing this.
> > >
> > > It's 2004, and so, your customers who want to do this have to
> > > explain why, and you have to maintain extra-ordinary filters for
> > > such customers, at either your cost or the customer's cost.
> >
> > ah-ha! Patriot-Act!

I was reminded that I forgot my ":)" on that post... I was joking, sort
of, and NOT attempting to rile the politicos either. Poor choice of
time/place on my part.

>
> not nearly.  i'm not asking you to take your shoes off before you get on
> an airplane, nor fingerprinting you before you enter the country, nor
> secretly searching your residence while you're at work.  the closest
> analogue would be wanting your body to be on the plane if your luggage
> is, and wanting the name on your ticket to be the same as the name on
> your photo-id.

Agreed, and some of these things will come with time... As I mentioned
earlier on this thread (I think) 'new equipment requirements include
line-rate filtering on all interfaces' (vendors mostly have taken this to
heart, those that have not should read the former 'jones draft' now RFC
3871 and start doing things better)

• Previous message (by thread): aggregation & table entries
• Next message (by thread): BCP38 making it work, solving problems
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]