|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: IAB concerns against permanent deployment of edge-based filtering
> > > prudent/paranoid folk over the years have persuaded me that > > it makes the best sense to only run those applications/services > > that I need to and shut off everything else - until/unless there > > is a demonstrated need for it. > > very true for a host, even somewhat true for a site. very untrue > for a backbone. > > randy > there appears to be a disconnect in the wording of the IAB document: it starts: ---- IAB concerns against permanent deployment of edge-based filtering The IAB notes that there ISPs/ASes undertaking permanent deployment of edge-based protocol number/port number packet filtering on traffic received from eBGP peers. ---- it can be viewed from the perspective of a transit provider looking toward its edges, the clients. it can be viewed from the perspective of a multihomed client looking toward its edges, the transit providers. which one you take depends on where you start... :) then there is the idea of "permanent" deployment ... little is permanent in networking. the hard problem is when vendors put filters in silicon. :( --bill
|