TWC (AS11351) blocking all NTP?

Jared Mauch jared at puck.nether.net
Tue Feb 4 19:24:17 UTC 2014


Please let us know your results. 

Jared Mauch

> On Feb 4, 2014, at 1:55 PM, William Herrin <bill at herrin.us> wrote:
> 
> On Tue, Feb 4, 2014 at 1:03 PM, Jared Mauch <jared at puck.nether.net> wrote:
>>>> On Feb 4, 2014, at 11:52 AM, William Herrin <bill at herrin.us> wrote:
>>>> Those that are up in arms about this stuff seem to not be the ones asking
>>>> the vendors for features and fixes.
>>> 
>>> Like I said, the "tier 1's" can't be the source of the solution until
>>> they stop being part of the problem.
>> 
>> This is the attitude that I've seen elsewhere that is devoid of any meat.
>> As I said before, we hit a big preventing the ability to do this even if
>> we wanted to. The impact is drop all traffic or permit all in that case.
> 
> Hi Jared,
> 
> I'm not confident you caught the implications of what I said. At the
> reciprocal peering link, you don't drop the spoofed traffic. You let
> it flow. You then charge a penalty when it turns out the peering
> traffic includes spoofed packets. The impact isn't drop or permit.
> It's dollars. Those who can't or won't control their customer links
> (where they trivially know what addresses are allowed) start to pay
> large amounts of money where they peer. More money than it takes to to
> properly implement customer-link filters so that they don't send
> spoofed packets to the peer.
> 
> No new tech. No blocking. Just cashflow.
> 
> Regards,
> Bill Herrin
> 
> 
> -- 
> William D. Herrin ................ herrin at dirtside.com  bill at herrin.us
> 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
> Falls Church, VA 22042-3004



More information about the NANOG mailing list