BCP38 [Was: Re: TWC (AS11351) blocking all NTP?]
Octavio Alvarez
alvarezp at alvarezp.ods.org
Wed Feb 5 00:48:30 UTC 2014
On 04/02/14 16:31, Livingood, Jason wrote:
>>> Can somebody explain to me why those who run eyeball networks are able
>>> to block outbound packets when the customer hasn't paid their bill,
>>> but can't seem to block packets that shouldn't be coming from that
>>> cablemodem?
>>
>> i suspect the non-payment case is solved at a layer below three
>
> In a DOCSIS network the source address verification (as Tony said) is
> typically done on the CMTS IIRC. Turning a customer off for non-payment is
> done in an accounts management / billing system.
>
> While I am sure continuing to agree with each other that spoofing is bad,
> we lack actionable data. ;-) As I said in another thread, I think someone
> / some group needs to invest to collect actual data and share the results
> openly.
>
> So any volunteers out there? I¹m sure there are lots of ways to underwrite
> independent research on the subject (contact me off-list).
Maybe I'm oversimplifying things but I'm really curious to know why
can't the nearest-to-end-user ACL-enabled router simply have an ACL to
only allows packets from end-users that has a valid source-address from
the network segment they provide service to.
What I'm failing to understand, and again, please excuse me if I'm
oversimplifying, is what data do you need from researchers,
specifically. What specific actionable data would be helpful? Why does
the lack of the data prevent you from applying an ACL.
More information about the NANOG
mailing list