North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Operators Penalized? (was Re: Kenyan Route Hijack)

  • From: Pekka Savola
  • Date: Mon Mar 17 12:10:03 2008

On Mon, 17 Mar 2008, Larry J. Blunk wrote:
 RFC2827 is about source address filtering which
is not really the same as BGP route announcement
filtering.  Unfortunately, I have not come across
any RFC's with a thorough discussion of route
filtering.   It is mentioned briefly in RFC 3013,
but section 4.5 only suggests filtering routes for
private address space.  RFC 4778 also mentions it,
but again, there is no in depth discussion.  Perhaps
it is time for an RFC dedicated to route filtering

This provides half a page summary of what can be done without sweating too much:

Applying a (secure) IRR database to build filters for peers and transits has not (AFAIK) been very well documented anywhere. But on the other hand, not too many people are using it either. Unless a better place or a new document is found for that, I can add some verbiage to the abovementioned draft.

(Currently, however, it is not obvious to me if that draft is going to progress, and if so which IETF WG or similar forum would be the right place to develop it.)

Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings