BGPMON Alert Questions

• Previous message (by thread): BGPMON Alert Questions
• Next message (by thread): BGPMON Alert Questions
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Apr 4, 2014 at 1:15 AM, Mark Tinka <mark.tinka at seacom.mu> wrote:

> On Friday, April 04, 2014 05:06:22 AM Sharon Goldberg wrote:
>
> > We also looked at prefix filtering and found that it has
> > better partial deployment characteristics. Our analysis
> > assumed that ISPs only filter routes from their *stub*
> > customers. (We defined a stub an AS that does not have
> > its own customers.)
>
> Just curious; in your considerations, how would/did you
> treat cases where ISP's filter their downstreams, to include
> their downstream's downstreams?
>

Right, we didn't include that in our analysis because we didn't have a good
sense for how many ISPs actually do filter their downstream downstreams.
So we chose to give a conservative estimate of the impact of prefix
filtering in partial deployment: we assumed that no one filters their
downstreams downstreams.  I'm honestly not sure exactly what including this
assumption would do to our results, except to say that it would make them
better (ie. that more attacks would be stopped).  Might be a good
experiment for one of my summer interns.

Actually, since this is NANOG, might as well ask:

Do you all view filtering your downstream's downstreams as much more
difficult than filtering only downstreams, or only stub ASes?   Do you have
a sense for how many networks filter only their direct downstreams but no
further, versus those that also filter downstreams downstreams?

Sharon

-- 
Sharon Goldberg
Computer Science, Boston University
http://www.cs.bu.edu/~goldbe

• Previous message (by thread): BGPMON Alert Questions
• Next message (by thread): BGPMON Alert Questions
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]