I don't think that's a fair assumption. A few providers I talked to for a security current practiced document I am writing said they were deploying it between BGP peers and I recently asked for more clarification from some individuals to ensure I had correct info with respect to vendors. There is some support in some J boxes and also support in C boxes. I didn't get specific detail how it was deployed, just that is was. - merike On Aug 17, 2006, at 4:48 PM, John Smith wrote:
Then is it fair to assume that operators are not using it?
----- Original Message ---- From: Pekka Savola <pekkas@netcore.fi> To: John Smith <jsmith4112003@yahoo.co.uk> Cc: nanog@merit.edu Sent: Friday, 18 August, 2006 2:15:31 AM Subject: Re: GTSM - Do you use it?
On Thu, 17 Aug 2006, John Smith wrote:
I would like to know if operators use GTSM techniques with BGP and other routing protocols today? Is any at the perimeter of the routing domain deployed? I would believe that GTSM can provide protection against attacks more than a hop away and thus can save against a lot of potential Dos attacks.
Is anything done by the operators here?
We'd love to use it but unfortunately the J vendor doesn't support it very well even on T-series (if it supports it at all, not quite sure..).
Enhancement Requests haven't gotten through, but maybe gripes on nanog will :-(
-- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings