nanog mailing list archives
Re: 69/8...this sucks -- Centralizing filtering..
From: "Peter Galbavy" <peter.galbavy () knowtion net>
Date: Tue, 11 Mar 2003 17:28:41 -0000
If all routes in the routing table are good (which soBGP and S-BGP can do for you) and routers filter based on the contents of the routing table, hosts will not see any bogon packets except locally generated ones so they shouldn't have bogon filters of their own. So this will indeed solve the problem for these people.
I believe you are confusing authentication with authorisation. Having authentic routes does not imply that all the traffic will be 'correct'. Various networks will always fail to filter customer traffic at ingress etc. and then source address spoofing becomes trivial. Peter
Current thread:
- RE: 69/8...this sucks -- Centralizing filtering.., (continued)
- RE: 69/8...this sucks -- Centralizing filtering.. jlewis (Mar 10)
- 202/7 (RE: 69/8...this sucks -- Centralizing filtering..) E.B. Dreger (Mar 10)
- Re: 69/8...this sucks -- Centralizing filtering.. Ray Bellis (Mar 10)
- Re: 69/8...this sucks -- Centralizing filtering.. Jack Bates (Mar 10)
- Re: 69/8...this sucks -- Centralizing filtering.. Stephen Sprunk (Mar 11)
- Re: 69/8...this sucks -- Centralizing filtering.. jlewis (Mar 11)
- Re: 69/8...this sucks -- Centralizing filtering.. Shane Kerr (Mar 14)
- RE: 69/8...this sucks -- Centralizing filtering.. Iljitsch van Beijnum (Mar 11)
- Re: 69/8...this sucks -- Centralizing filtering.. Jack Bates (Mar 11)
- Re: 69/8...this sucks -- Centralizing filtering.. Iljitsch van Beijnum (Mar 11)
- Re: 69/8...this sucks -- Centralizing filtering.. Peter Galbavy (Mar 11)
- Re: 69/8...this sucks -- Centralizing filtering.. Iljitsch van Beijnum (Mar 11)
- Re: 69/8...this sucks -- Centralizing filtering.. Jack Bates (Mar 11)
- RE: 69/8...this sucks -- Centralizing filtering.. Owen DeLong (Mar 11)