|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: 69/8...this sucks -- Centralizing filtering..
> Since most service providers should be thinking about a sink hole network > for security auditing (and backscatter), why not have ONE place where you > advertise all unreachable, or better yet -- a default (ie everything NOT > learned through BGP peers), and just forward the packets to a bit bucket.. > Which is better than an access list since, now we are forwarding packets > instead of sending them to a CPU to increase router load. > > I don't think ARIN can help the situation. ISPs just need to remove the > access lists from each router in the network and centralize them. I totally agree with you. However, as always, centralized systems, while ease management and scalability, everything becomes a trust issue and a single point of failure or source of problems... May be, this could be a subscription based type of service, something like RADB, where everyone subscribes into a central filtering list that is managed by a seperate organization? I really like the Rob's bogon route-server setup. -hc > > Regards, > mark > > -- > Mark Segal > Director, Data Services > Futureway Communications Inc. > Tel: (905)326-1570 > > > > -----Original Message----- > > From: E.B. Dreger [mailto:[email protected]] > > Sent: March 10, 2003 10:17 AM > > To: [email protected] > > Subject: Re: 69/8...this sucks > > > > > > > > > Date: Mon, 10 Mar 2003 09:46:33 +0000 > > > From: Michael.Dillon > > > > > > > I have suggested that ARIN should set up an LDAP server to > > publish the > > > delegation of all their IP address space updated > > > > Not bad, but will the lazy ISPs set up an LDAP server to > > track changes they aren't tracking now? Will those with > > erroneous filters magically change simply because of LDAP? I > > still contend the answer is is a boot to the head that > > screams to them, "Update your freaking filters!" > > > > > > Eddy > > -- > > Brotsman & Dreger, Inc. - EverQuick Internet Division > > Bandwidth, consulting, e-commerce, hosting, and network building > > Phone: +1 (785) 865-5885 Lawrence and [inter]national > > Phone: +1 (316) 794-8922 Wichita > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) > > From: A Trap <[email protected]> > > To: [email protected] > > Subject: Please ignore this portion of my mail signature. > > > > These last few lines are a trap for address-harvesting > > spambots. Do NOT send mail to <[email protected]>, or you > > are likely to be blocked. > > >
|