Request for comment -- BCP38
Jay R. Ashworth
jra at baylink.com
Sun Oct 2 01:27:13 UTC 2016
----- Original Message -----
> From: "John Levine" <johnl at iecc.com>
>>If you have links from both ISP A and ISP B and decide to send traffic out
>>ISP A's link sourced from addresses ISP B allocated to you, ISP A *should*
>>drop that traffic on the floor. There is no automated or scalable way for
>>ISP A to distinguish this "legitimate" use from spoofing; unless you
>>consider it scalable for ISP A to maintain thousands if not more
>>"exception" ACLs to uRPF and BCP38 egress filters to cover all of the cases
>>of customers X, Y, and Z sourcing traffic into ISP A's network using IPs
>>allocated to them by other ISPs?
> I gather the usual customer response to this is "if you don't want our
> $50K/mo, I'm sure we can find another ISP who does."
Come on, John. Anyone spending 50K a month belongs in PI space with BGP,
and they're a big enough customer for the ISPs to both put exception rules
in their ingress filters even if they're not.
Jay R. Ashworth Baylink jra at baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII
St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
More information about the NANOG