nanog mailing list archives
Re: BCP38 Deployment
From: Bingyang LIU <bjornliu () gmail com>
Date: Wed, 28 Mar 2012 19:05:03 +0200
Yeah, "contractual closures" might be a way to force the providers to deploy BCP38. However, when the customers become the target of a spoofing attack, the provider may not be able to protect its customers, because ingress filtering (including uRPF) is inefficient when done near the destination. In other words, an ISP can deploy BCP38 or whatever, but still cannot well protect its customers from spoofing attacks from other ASes. On Wed, Mar 28, 2012 at 6:54 PM, Eric Brunner-Williams <brunner () nic-naa net> wrote:
On 3/28/12 11:45 AM, David Conrad wrote:Actually, given the uptick in spoofing-based DoS attacks, the ease in which such attacks can be generated, recent high profile targets of said attacks, and the full-on money pumping freakout about anything with "cyber-" tacked on the front, I suspect a likely outcome will be proposals for legislation forcing ISPs to do something like BCP38.in a note (which didn't go anywhere in particular) i pointed out that contract may address the same issue for which legislation may be proposed, at least for "contractual closures" (sorry, a term of my own, defined below) which share the property some jurisdictions have of a finite access provider universe. i mean "contractual closure" to be the performance guarantee (or non-performance guarantee) present in a set of contracts for a particular service. think "china", after first abstracting all the negatives associated with policy as a property of a distributed, shared, public resource, or "firewalls 4 (bcp defined) good". -e
-- Bingyang Liu Network Architecture Lab, Network Center,Tsinghua Univ. Beijing, China Home Page: http://netarchlab.tsinghua.edu.cn/~liuby
Current thread:
- Re: BCP38 Deployment, (continued)
- Re: BCP38 Deployment Michael Thomas (Mar 28)
- Re: BCP38 Deployment Leo Bicknell (Mar 28)
- Re: BCP38 Deployment Michael Thomas (Mar 28)
- Re: BCP38 Deployment Leo Bicknell (Mar 28)
- Re: BCP38 Deployment Valdis . Kletnieks (Mar 28)
- Re: BCP38 Deployment David Conrad (Mar 28)
- Re: BCP38 Deployment Leo Bicknell (Mar 28)
- Re: BCP38 Deployment goemon (Mar 28)
- Re: BCP38 Deployment Bingyang LIU (Mar 28)
- Re: BCP38 Deployment Eric Brunner-Williams (Mar 28)
- Re: BCP38 Deployment Bingyang LIU (Mar 28)
- Re: BCP38 Deployment goemon (Mar 28)
- Re: BCP38 Deployment Joe Provo (Mar 29)
- Re: BCP38 Deployment Jon Lewis (Mar 29)
- Re: BCP38 Deployment Joe Provo (Mar 29)
- Comcast Ethernet Feed Brian R. Watters (Mar 29)
- Re: Comcast Ethernet Feed Brielle Bruns (Mar 29)
- Re: Comcast Ethernet Feed Jon Lewis (Mar 29)
- Re: Comcast Ethernet Feed Brielle Bruns (Mar 29)
- Re: Comcast Ethernet Feed Brielle Bruns (Mar 29)
- Re: Comcast Ethernet Feed Brian R. Watters (Mar 29)