BCP38 (was: Re: Why won't providers source-filter attacks? Simple.)

Chris Grundemann cgrundemann at gmail.com
Fri Feb 7 21:25:01 UTC 2014


On Fri, Feb 7, 2014 at 2:07 PM, Dobbins, Roland <rdobbins at arbor.net> wrote:

>
> On Feb 8, 2014, at 3:37 AM, John Curran <jcurran at arin.net> wrote:
>
> > It's also true that if a sizable group of network operators were to
> actually deploy source address validation (thus proving that it really is a
> reasonable approach and doesn't carry too much operational or vendor
> implications), then it would be quite reasonable for those operators to
> bring the results to NANOG and get it recognized as a best current
> operating practice for networks of similar design/purpose.
>
> Many already do - including operators of very large networks.  There are
> operational, vendor, and topological considerations which mean that it's
> achieved utilizing various mechanisms in different scenarios.
>

Documenting those various mechanisms which are actually utilized is the key
here. =)

$0.02
~Chris


-- 
@ChrisGrundemann
http://chrisgrundemann.com



More information about the NANOG mailing list