[EXTERNAL] Re: BCP38 For BGP Customers

Compton, Rich A Rich.Compton at charter.com
Tue Nov 8 17:17:42 UTC 2022 

Hi Joel, can you please point us to the IETF draft document that describes how a "combination of ASPA and RPKI can be used to help with DDoS prevention".  I was not able to find it. 
Thanks!
-Rich

On 11/8/22, 8:05 AM, "NANOG on behalf of Joel Halpern" <nanog-bounces+rich.compton=charter.com at nanog.org on behalf of jmh at joelhalpern.com> wrote:

    CAUTION: The e-mail below is from an external source. Please exercise caution before opening attachments, clicking links, or following guidance.

    There is work a tthe IETF on an addon to RPKI called ASPA.  There is a 
    draft that describes how the combiantion of ASPA and RPKI can be used to 
    help with DDOS prevention.

    There is also a working group at the IETF called SAVNET that is looking 
    at what technological additions can be made to address the shortcomings 
    in BCP 38.  In fairness, there is distinct disagreement as to what those 
    shortcomings are, and whether the ideas being presented can help.  Input 
    from more operators would be great.  (For completeness, I am a co-chair 
    of that working group.)

    Yours,

    Joel

    On 11/8/2022 9:39 AM, Brian Turnbow via NANOG wrote:
    > Hi Mike
    >
    >
    >
    >> This may not exist yet, but what about a uRPF-like feature that uses RPKI, IRR, etc. instead of current BGP feed?
    >
    > There is rfc8704 that extends urpf
    > But I do not know of any commercial available solutions
    >
    >
    > Brian

E-MAIL CONFIDENTIALITY NOTICE: 
The contents of this e-mail message and any attachments are intended solely for the addressee(s) and may contain confidential and/or legally privileged information. If you are not the intended recipient of this message or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and any attachments. If you are not the intended recipient, you are notified that any use, dissemination, distribution, copying, or storage of this message or any attachment is strictly prohibited.

More information about the NANOG mailing list