nanog mailing list archives

Re: CloudFlare issues?

From: Mark Tinka <mark.tinka () seacom mu>
Date: Mon, 24 Jun 2019 20:16:39 +0200



On 24/Jun/19 16:11, Job Snijders wrote:


    - deploy RPKI based BGP Origin validation (with invalid == reject)
    - apply maximum prefix limits on all EBGP sessions
    - ask your router vendor to comply with RFC 8212 ('default deny')
    - turn off your 'BGP optimizers'


I cannot over-emphasize the above, especially the BGP optimizers.

Mark.

Current thread:

Re: Are network operators morons? [was: CloudFlare issues?], (continued)
- - - Re: Are network operators morons? [was: CloudFlare issues?] Matthew Walster (Jun 25)
    - Re: Are network operators morons? [was: CloudFlare issues?] Adam Kennedy via NANOG (Jun 25)
    - Re: Are network operators morons? [was: CloudFlare issues?] Mark Tinka (Jun 25)
    - Re: Are network operators morons? [was: CloudFlare issues?] Christopher Morrow (Jun 25)
    - Re: Are network operators morons? [was: CloudFlare issues?] Randy Bush (Jun 25)
    - Re: Are network operators morons? [was: CloudFlare issues?] Sean Donelan (Jun 25)
    - Re: Are network operators morons? [was: CloudFlare issues?] Randy Bush (Jun 25)
    - Re: CloudFlare issues? Stephen Satchell (Jun 25)
    - Re: CloudFlare issues? Aftab Siddiqui (Jun 25)
    - Re: CloudFlare issues? Ca By (Jun 25)
    - Re: CloudFlare issues? Mark Tinka (Jun 24)
    - Re: CloudFlare issues? Fredrik Korsbäck (Jun 24)
  - Re: CloudFlare issues? Jaden Roberts (Jun 24)
- Re: CloudFlare issues? Andree Toonk (Jun 24)
- Re: CloudFlare issues? Max Tulyev (Jun 24)
  - Re: CloudFlare issues? Filip Hruska (Jun 24)
    - Re: CloudFlare issues? Christopher Morrow (Jun 24)
  - Verizon Routing issue Jared Mauch (Jun 24)
    - Re: Verizon Routing issue ML (Jun 24)
    - Re: Verizon Routing issue Jared Mauch (Jun 24)
    - Re: Verizon Routing issue Max Tulyev (Jun 24)

(Thread continues...)