[c-nsp] [Re: huge amount of weird traffic on poin-to-point ethernet link]

Michael.Dillon at btradianz.com Michael.Dillon at btradianz.com
Fri Nov 10 14:12:40 UTC 2006

> be careful before you open such a pandoras box...

The box was opened a long time ago. In an Internet
context, there are many email blacklists which 
apply various different criteria for inclusion, 
therefore, they are essentially publishing different
attributes. In a social context, freedom of religion
is a long-accepted principle and various religions
publish lists of literature that is either acceptable
or unacceptable. 

If a network operator finds a business case for
supplying service only to right wing organizations
and blocking network traffic from communist sources
then what is wrong with that? The principle of the
Internet is that network operators run private networks
and set their own policies independent of regulators
and governments.

> will this scale?

The fact that the database has multiple attributes
to assign to address ranges makes it more likely
to scale. 

> who will want to use it?

People who find some value in dynamically filtering
Internet traffic based on a trusted source for filters.

> can it be exploited?

Virtually anything can be exploited. Smart network operators
do not hardwire their routers to a 3rd-party BGP feed. Instead
they pull that feed into their operational support systems
where it can raise alarms so that a human being can decide
whether to stop or start filtering a particular range. Or else
they make some kind of 2-party binding contract with SLAs and
penalties such as a transit contract or a peering agreement.

> what sort of liability do you take on by becoming responsible for 
> policing the Internet?

Who said anything about policing the Internet? This is all
about identifying address ranges who source various kinds
of traffic that some network operators do not wish to
transit their networks. Every network operator has an AUP
for their own customers and peers. This merely extends that
to 3rd parties who wish to transit the network.

--Michael Dillon

More information about the NANOG mailing list