nanog mailing list archives
Re: 69/8...this sucks -- Centralizing filtering..
From: "Jack Bates" <jbates () brightok net>
Date: Mon, 10 Mar 2003 13:02:10 -0600
From: "Mark Segal"
Since most service providers should be thinking about a sink hole network for security auditing (and backscatter), why not have ONE place where you advertise all unreachable, or better yet -- a default (ie everything NOT learned through BGP peers), and just forward the packets to a bit bucket.. Which is better than an access list since, now we are forwarding packets instead of sending them to a CPU to increase router load.
It would be nice if vendors had a variant to (in cisco terms) ip verify unicast reverse-path that would work in asymmetrical networks. If you only have a single link to the internet, the command works well, but then why would you ever run bgp for a single uplink? -Jack
Current thread:
- Re: 69/8...this sucks -- Centralizing filtering.., (continued)
- Re: 69/8...this sucks -- Centralizing filtering.. Joe Boyce (Mar 10)
- RE: 69/8...this sucks -- Centralizing filtering.. Haesu (Mar 10)
- Re: 69/8...this sucks -- Centralizing filtering.. Joe Abley (Mar 10)
- RE: 69/8...this sucks -- Centralizing filtering.. Christopher L. Morrow (Mar 10)
- RE: 69/8...this sucks -- Centralizing filtering.. E.B. Dreger (Mar 10)
- RE: 69/8...this sucks -- Centralizing filtering.. Christopher L. Morrow (Mar 10)
- RE: 69/8...this sucks -- Centralizing filtering.. Barry Raveendran Greene (Mar 10)
- RE: 69/8...this sucks -- Centralizing filtering.. E.B. Dreger (Mar 10)
- Re: 69/8...this sucks -- Centralizing filtering.. Daniel Roesen (Mar 10)
- Re: 69/8...this sucks -- Centralizing filtering.. E.B. Dreger (Mar 10)
- RE: 69/8...this sucks -- Centralizing filtering.. E.B. Dreger (Mar 10)
- RE: 69/8...this sucks -- Centralizing filtering.. Haesu (Mar 10)
- RE: 69/8...this sucks -- Centralizing filtering.. Rob Thomas (Mar 10)
- Re: 69/8...this sucks -- Centralizing filtering.. James-lists (Mar 10)
- Re: 69/8...this sucks -- Centralizing filtering.. Jack Bates (Mar 10)