Request for comment -- BCP38

Jay R. Ashworth jra at baylink.com
Sun Oct 2 01:27:13 UTC 2016


----- Original Message -----
> From: "John Levine" <johnl at iecc.com>

>>If you have links from both ISP A and ISP B and decide to send traffic out
>>ISP A's link sourced from addresses ISP B allocated to you, ISP A *should*
>>drop that traffic on the floor.  There is no automated or scalable way for
>>ISP A to distinguish this "legitimate" use from spoofing; unless you
>>consider it scalable for ISP A to maintain thousands if not more
>>"exception" ACLs to uRPF and BCP38 egress filters to cover all of the cases
>>of customers X, Y, and Z sourcing traffic into ISP A's network using IPs
>>allocated to them by other ISPs?
> 
> I gather the usual customer response to this is "if you don't want our
> $50K/mo, I'm sure we can find another ISP who does."

Come on, John.  Anyone spending 50K a month belongs in PI space with BGP,
and they're a big enough customer for the ISPs to both put exception rules
in their ingress filters even if they're not.

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra at baylink.com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates       http://www.bcp38.info          2000 Land Rover DII
St Petersburg FL USA      BCP38: Ask For It By Name!           +1 727 647 1274


More information about the NANOG mailing list