Request for comment -- BCP38

Jay R. Ashworth jra at
Sun Oct 2 01:27:13 UTC 2016

----- Original Message -----
> From: "John Levine" <johnl at>

>>If you have links from both ISP A and ISP B and decide to send traffic out
>>ISP A's link sourced from addresses ISP B allocated to you, ISP A *should*
>>drop that traffic on the floor.  There is no automated or scalable way for
>>ISP A to distinguish this "legitimate" use from spoofing; unless you
>>consider it scalable for ISP A to maintain thousands if not more
>>"exception" ACLs to uRPF and BCP38 egress filters to cover all of the cases
>>of customers X, Y, and Z sourcing traffic into ISP A's network using IPs
>>allocated to them by other ISPs?
> I gather the usual customer response to this is "if you don't want our
> $50K/mo, I'm sure we can find another ISP who does."

Come on, John.  Anyone spending 50K a month belongs in PI space with BGP,
and they're a big enough customer for the ISPs to both put exception rules
in their ingress filters even if they're not.

-- jra
Jay R. Ashworth                  Baylink                       jra at
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates          2000 Land Rover DII
St Petersburg FL USA      BCP38: Ask For It By Name!           +1 727 647 1274

More information about the NANOG mailing list