|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: DOS attack against DNS?
[email protected] (Joel Jaeggli) writes: > > people inside one of the largest networks have told me that they have > > customers who require the ability to bypass BCP38 restrictions, and that > > they will therefore never be fully BCP38 compliant. ... > > Consider people in the rest of the world who may purchase simplex > satellite links. By definition they inject traffic in places they aren't > announcing their route from. yup, those are exactly the customers i was told about. (see above.) however, there's still a way to filter-list the various interfaces -- it's just harder than letting the routing table imply your filter-list for you. also however, if these were the only customers who weren't made to follow BCP38, there would not be a global BCP38-related problem right now. or, as i said before: > > i've asked for BCP38 to become the default on all their other present > > and future customers ... -- Paul Vixie
|