So Philip Smith / Geoff Huston's CIDR report becomes worth a good hard look today

Patrick W. Gilmore patrick at
Thu Aug 14 14:34:36 UTC 2014

On Aug 14, 2014, at 02:36 , Randy Bush <randy at> wrote:

>> It was kindly pointed out to me in private that my phrasing could be
>> misleading here.
>> When ACL112 came into being, there was old equipment that was being
>> protected by the /19 filters. However, the filters were in place long
>> after that equipment was replaced.
> but by then it had driven all sorts of filtering and a negotiated (at
> danvers) treaty with the rirs to allocate on /19.
> another note from our private aside, it is worth noting that verio's
> satanic phyltres meant we did not even notice the 7007 and 128/9
> disasters.  we read about them on nanog (or com-priv?).

Everything has pluses & minuses. The as7007 debacle was actually made far, far worse by Sprint's policies at the time, including a "-smb" (thanx, Dorian) build. Vinny may have made a major boo-boo by pumping BGP through RIPv1 then back into BGP, but the fact Sprint filtered only on AS path _and_ had an IOS which ignored withdrawals was the real killer.

Let's work on the primary protection of the INTERNET. When you were at Verio, you were driving a policy that you wanted, despite being clearly and objectively a tiny minority of the population in question. It might have made the Internet safer, but it had lots of bad side effects, including making it so that large networks have an advantage over small ones. Since those "small networks" are frequently the people paying the bills, and I am here to make money, I am not terribly happy with such policies.

A quick list off the top of my head: BCP38, filtering customer announcements properly, putting pressure on networks that needlessly deaggregate, ensuring information (e.g. "your 6500 is about to crash") is properly disseminated, etc. These will have far larger impacts, disadvantage no one, and will not lose you business like your previous policies did. Everyone wins.

All that said, I still abide by my primary rule: Your network, your decision. I am arguing for things we can all agree help everyone, not a select few.

On Aug 14, 2014, at 02:13 , Randy Bush <randy at> wrote:

>>>> you mean your vendor won't give you the knobs to do it smartly ([j]tac
>>>> tickets open for five years)?  wonder why.
>>> Might be useful if you mentioned what you considered a "smart" way to
>>> trim the fib. But then you couldn't bitch and moan about people not
>>> understanding you, which is the real reason you post to NANOG.
> i did not get the original of this post, but the ad hominem speaks for
> its pathetic self.

Ad hominem implies I was going after your character without facts. However, the statement above _is_ fact - at least I believe so and given the private replies I received (and especially who replied), I am not alone.

Also, you calling an ad hominem attack "pathetic" is hilarious in more ways than I can count. (Again, not ad hominem. It is trivial to objectively prove that statement hypocritical at least, which I find amusing.)

