North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Packet Kiddies Invade NANOG
--- [email protected] wrote: > Assuming that they are not sourcing the attacks > in Banetele's AS, then you, the peer of Banetele > are delivering the packet stream that kills the > BGP session. How long before peering agreements > require ACLs in border routers so that only BGP > peering routers can source traffic destined to > your BGP speaking routers? Even better is to seperate the control plane from the forwarding plane, and ensure that the control plane of a given router cannot be spoken to by anyone who is not either internal or a direct BGP peer. Why permit garbage to touch your network? -David Barak -Fully RFC 1925 Compliant- ===== David Barak -fully RFC 1925 compliant- __________________________________ Do you Yahoo!? Yahoo! Mail - More reliable, more storage, less spam http://mail.yahoo.com
|