nanog mailing list archives

Re: BCP38 Deployment


From: David Conrad <drc () virtualized org>
Date: Wed, 28 Mar 2012 14:49:02 -0700

On Mar 28, 2012, at 12:03 PM, Leo Bicknell wrote:
> Tier 1       T640 core network with 10GE handoff
> Regional     Cisco GSR network with 1GE handoff
> Local        1006 to Arris CMTS
> Subscriber   Motorola Cable Modem to NetGear SOHO Gateway
> User         Patron with Airport Express sharing a wired connection to WiFi
...
> If you were going to write it into law/regulation, where would you require it?

Seems to me that from a legislator's perspective, there is a pretty bright (as in "moth attracted to flame") line 
between "subscriber" and "provider".

> Maybe all of them should, but can they from a technological perspective?

Implementing telephone number portability was probably technologically more challenging for the telcos to deal with but 
that didn't stop the legislators from requiring it.

> I think given the thorny set of issues that taking a step back and
> saying, "rather than a perfect solution, what gets us most of the
> way there the cheapest, and quick" is a good question to ask.

You don't think that question has already been asked?

It has been a dozen years since BCP38 was published. Over that period, the Internet has grown immensely and with it, 
the threats the ability to trivially spoof source addresses represents.  As far as I can tell, there has been little 
to no improvement in mechanisms to reduce those threats, yet high profile attacks against governments, 
departments/ministries, commercial organizations, etc., have only increased.  

I figure at some point (likely after a particularly high-profile attack), politicians and their corporate masters are 
going to feel the need to be seen to "do something about the problem." I have some skepticism that 'something' is going 
to be an ideal solution.

> The perfect is the enemy of the good in this case.  Solving this at the
> consumer CPE level would remove 90-95% of the problem at zero hardware
> cost, a very small software cost, and a very small support cost and
> probably make us stop talking about this issue altogether.

And the incentive for CPE manufacturers to invest in the small software cost is?

Regards,
-drc


