North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: [admin] [summary] RE: YouTube IP Hijacking

  • From: Jared Mauch
  • Date: Tue Feb 26 20:34:29 2008

On Wed, Feb 27, 2008 at 10:09:19AM +0900, Adrian Chadd wrote:
> > (speaking as someone who has built large ACLs/prefix-lists and has 
> > 6MB+ configs that can't be loaded on my routers.  without vendor support
> > those that want to do the right thing can't, so the game is lost).
> Getting Cisco/Juniper/etc to push -that- as part of their best practices
> for network design would be quite helpful.
> The problem isn't that the router config is too easy Jared, its that
> there's no nice and easy  way of doing it right from scratch that matches
> the sort of newbie network operators that exist today. For examples
> of what "new school" netops are like, visit isp-* lists. There's a lot of
> clue there, its just "different" and "haven't learnt from the old school
> experience" clue, and its amusing/sad to watch people make the same
> mistakes you all did in the 90s. :)
> (Where's vijay now when science for generated network configurations
> is needed?)
> Make the public tools better. Push the tools as best practice.

	The problem is that some of us have developed tools that
are considered our companies "property", so we can't just go ahead and
release it to the public.

	Who is gonna start the project to get this going?  How do you
integrate it with your existing provisioning system?  I've regularly heard
some of the larger telecoms quote times of ~2-3 years and $10m+ for any
project like this.  Not sure if those timelines ever were started.
Perhaps this is something that renesys or cariden could market and sell?
(just to name two nanog sponsors that have some sort of dataset or tools
 that could apply).

	I'd like to see this all cleaned up and get better.  I track
obvious leaks that should be caught by as-path filtering and proper
policy here:

	there's a stats page one can find so you can track the number
of leaks/day that are seen, including the most common as-paths.

	if you're smart try appending ?days=3 on the end of the statistics

	- jared

Jared Mauch  | pgp key available via finger from [email protected]xxxxxxxxxx
clue++;      |  My statements are only mine.