North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: 69/8...this sucks -- Centralizing filtering..
What surprises me most about this entire thread is the lack of centralized filtering. Since most service providers should be thinking about a sink hole network for security auditing (and backscatter), why not have ONE place where you advertise all unreachable, or better yet -- a default (ie everything NOT learned through BGP peers), and just forward the packets to a bit bucket.. Which is better than an access list since, now we are forwarding packets instead of sending them to a CPU to increase router load. I don't think ARIN can help the situation. ISPs just need to remove the access lists from each router in the network and centralize them. Regards, mark -- Mark Segal Director, Data Services Futureway Communications Inc. Tel: (905)326-1570 > -----Original Message----- > From: E.B. Dreger [mailto:[email protected]] > Sent: March 10, 2003 10:17 AM > To: [email protected] > Subject: Re: 69/8...this sucks > > > > > Date: Mon, 10 Mar 2003 09:46:33 +0000 > > From: Michael.Dillon > > > > I have suggested that ARIN should set up an LDAP server to > publish the > > delegation of all their IP address space updated > > Not bad, but will the lazy ISPs set up an LDAP server to > track changes they aren't tracking now? Will those with > erroneous filters magically change simply because of LDAP? I > still contend the answer is is a boot to the head that > screams to them, "Update your freaking filters!" > > > Eddy > -- > Brotsman & Dreger, Inc. - EverQuick Internet Division > Bandwidth, consulting, e-commerce, hosting, and network building > Phone: +1 (785) 865-5885 Lawrence and [inter]national > Phone: +1 (316) 794-8922 Wichita > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) > From: A Trap <[email protected]> > To: [email protected] > Subject: Please ignore this portion of my mail signature. > > These last few lines are a trap for address-harvesting > spambots. Do NOT send mail to <[email protected]>, or you > are likely to be blocked. >
|