nanog mailing list archives

Re: 69/8...this sucks -- Centralizing filtering..


From: "Jack Bates" <jbates () brightok net>
Date: Mon, 10 Mar 2003 13:02:10 -0600


From: "Mark Segal"

Since most service providers should be thinking about a sink hole network
for security auditing (and backscatter), why not have ONE place where you
advertise all unreachable, or better yet -- a default (i.e. everything NOT
learned through BGP peers), and just forward the packets to a bit bucket.
Which is better than an access list since, now we are forwarding packets
instead of sending them to a CPU to increase router load.

It would be nice if vendors had a variant to (in Cisco terms) ip verify
unicast reverse-path that would work in asymmetrical networks. If you only
have a single link to the internet, the command works well, but then why
would you ever run BGP for a single uplink?

-Jack
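
The two mechanisms discussed in this message, modelled as an added sketch that is not part of the original post or any vendor's implementation: a default route that sends everything not learned through BGP to a sinkhole, and a strict reverse-path check that rejects a legitimate packet when it arrives on the other uplink. The prefixes (documentation ranges), interface names and function names are constructed for illustration.

```python
import ipaddress

# Constructed FIB for a dual-homed router: (prefix, egress interface).
# Interface names are hypothetical; prefixes are documentation ranges.
FIB = [
    ("198.51.100.0/24", "uplink-A"),  # best path back to this network is via A
    ("203.0.113.0/24", "uplink-B"),   # best path back to this network is via B
    ("0.0.0.0/0", "sinkhole"),        # default: everything NOT learned via BGP
]


def lookup(addr, fib=FIB):
    """Longest-prefix match; returns the egress interface, or None."""
    ip = ipaddress.ip_address(addr)
    best = None
    for prefix, ifname in fib:
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, ifname)
    return best[1] if best else None


def forward(dst, fib=FIB):
    """Forwarding-plane decision: unrouted destinations hit the sinkhole."""
    out = lookup(dst, fib)
    return "discard (sinkhole)" if out == "sinkhole" else f"forward via {out}"


def strict_urpf(src, in_if, fib=FIB):
    """Strict reverse-path check: accept only when the best route back to
    the source points out the interface the packet arrived on."""
    return lookup(src, fib) == in_if


if __name__ == "__main__":
    # Destination with no BGP-learned route: dropped by forwarding, no ACL.
    print("to 192.0.2.1   ->", forward("192.0.2.1"))
    print("to 203.0.113.9 ->", forward("203.0.113.9"))
    # Symmetric path: source is reachable via the arrival interface.
    print("198.51.100.7 in on uplink-A:", strict_urpf("198.51.100.7", "uplink-A"))
    # Asymmetric path: same valid source, but it arrived on the other uplink,
    # so the strict check rejects it even though the packet is legitimate.
    print("198.51.100.7 in on uplink-B:", strict_urpf("198.51.100.7", "uplink-B"))
```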

