Alex - Have any of your peers complained? I can't imagine anyone caring (strenuously) if a peer applies filters to bogus addresses. Every peer I have dealt with for a matter like that, while it may take time to get to the right people, have made no complaints about us doing the filtering or even adding the filtering (on a temporary basis) to their own border/core routers. Deepak Jain AiNET On Sat, 12 Feb 2000, Alex Bligh wrote:
Paul,
Is it within the realm of possibility that ISP's will start to craft SLA's, peering & transit agreements, to include who is responsible for ingress filtering?
It is in the realm of fact. Our (*) agreements with our customers specifically prevent them from sending packets with source IP addresses outside agreed ranges, and have done for close on 2 years. Our peering agreements (and this is in the LINX template agreement too, which shares the same author) have provisions which make the peer responsible for ensuring they aren't sending spoofed source addresses.
I know several other people do this too. We have not yet tested enforceability, though we have used the existence of the clause to justify unilateral application of filters in one or two occurrences.
(*) 'Our' in this context means GX Networks a.k.a. Concentric Europe. I am unfamiliar with the US situation.
-- Alex Bligh VP Core Network, Concentric Network Corporation (formerly GX Networks, Xara Networks)