Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons

• Previous message (by thread): Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons
• Next message (by thread): Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 4 Mar 2007, Mikael Abrahamsson wrote:
>> Instead of dropping packets with unallocated sources addresses, perhaps 
>> backbones should shutdown interfaces they receive packets from unallocated 
>> address space.  Would this be more effective at both stopping the sources 
>> of unallocated addresses; as well as sources that spoof other addresses 
>> because the best way to prevent your interface from being shutdown by 
>> backbone operators is to be certain you only transmit packets with your 
>> source addresses.
>
> uRPF or plain source-based filtering for the IP blocks allocated to the 
> customer is enough. Shutting it down doesn't make any commercial sense, 
> customers wont buy your service if their port is going to be shut down due to 
> a single packet. They'll (likely) understand if you won't forward a packet 
> from them which has a source address not not belonging to them, though.

When customers misconfigure their router, e.g. wrong BGP neighbor or ASN, 
wrong interface IP address, exceed max prefix limit, etc; don't they lose 
Internet connectivity until they fix it?

A properly configure router should never forward even a single bad 
packet.  If it does, isn't it likely to have configuration problems so
why continue to keep misconfigured routers connected?

Customers are unlikely to fix problems which don't cause them to lose
service.

• Previous message (by thread): Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons
• Next message (by thread): Where are static bogon filters appropriate? was: 96.2.0.0/16 Bogons
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]