|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Yahoo! Lessons Learned
> > At Tuesday 11:01 PM 2/8/00 , Daniel Senie wrote: > > >Please refer to RFC2644/BCP34 on the subject of directed broadcasts. > >This RFC recommends router vendors disable directed broadcasts by > >default. It also recommends ISPs disable directed broadcast on ALL > >routers. In light of the recent events, it would be good to see a > >concerted effort made by everyone to ensure this has been done. > > I recall that SprintLink had some, uhm, plans to put ingress (and > egress?) filters on all interfaces facing dedicated customers that > were not multi-homed. This came after realization that education of > the end-user was a fruitless and herculian task: Network smarts > are virtually non-existent in IT departments, and even loads of > smaller ISPs everywhere. Whatever became of this project ? If you sell a customer a circuit and they do nothing more than default to you with address space you provide, this is easy. If a customer talks BGP to you and you require them to submit prefixs to you for filtering (which should generally be the policy if you want any kind of protection against having 7 coppies of the internet routing tables in your network), this is also easy. You already know which netblocks can be sourced from that connection. If the CPU can handle it, there is no good reason not to do it. ---------------------------------------------------------------------- Wayne Bouchard [Immagine Your ] [email protected] [Company Name Here] Network Engineer ----------------------------------------------------------------------
|