North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: 69/8...this sucks -- Centralizing filtering..

  • From: Mark Segal
  • Date: Mon Mar 10 10:31:11 2003

What surprises me most about this entire thread is the lack of centralized
filtering.

Since most service providers should be thinking about a sink hole network
for security auditing (and backscatter),  why not have ONE place where you
advertise all unreachable, or better yet -- a default (ie everything NOT
learned through BGP peers), and just forward the packets to a bit bucket..
Which is better than an access list since, now we are forwarding packets
instead of sending them to a CPU to increase router load. 

I don't think ARIN can help the situation.  ISPs just need to remove the
access lists from each router in the network and centralize them.

Regards,
mark

--
Mark Segal
Director, Data Services
Futureway Communications Inc.
Tel: (905)326-1570


> -----Original Message-----
> From: E.B. Dreger [mailto:[email protected]] 
> Sent: March 10, 2003 10:17 AM
> To: [email protected]
> Subject: Re: 69/8...this sucks
> 
> 
> 
> > Date: Mon, 10 Mar 2003 09:46:33 +0000
> > From: Michael.Dillon
> 
> 
> > I have suggested that ARIN should set up an LDAP server to 
> publish the 
> > delegation of all their IP address space updated
> 
> Not bad, but will the lazy ISPs set up an LDAP server to 
> track changes they aren't tracking now?  Will those with 
> erroneous filters magically change simply because of LDAP?  I 
> still contend the answer is is a boot to the head that 
> screams to them, "Update your freaking filters!"
> 
> 
> Eddy
> --
> Brotsman & Dreger, Inc. - EverQuick Internet Division 
> Bandwidth, consulting, e-commerce, hosting, and network building
> Phone: +1 (785) 865-5885 Lawrence and [inter]national
> Phone: +1 (316) 794-8922 Wichita
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
> From: A Trap <[email protected]>
> To: [email protected]
> Subject: Please ignore this portion of my mail signature.
> 
> These last few lines are a trap for address-harvesting 
> spambots. Do NOT send mail to <[email protected]>, or you 
> are likely to be blocked.
>