filters are your friend. filters are your friends' friend.
Yes, but centralized database is not the answer. For one, it is liable to be screwed up completely from time to time (that much, InterNIC experience shows us). It is expensive to maintain; and the problem of accuracy of the information within is quite acute. The political implications of a cenrtalized agency are even worse; i do not think we want a replay of the domain name debate. The only real solution is strong cryptographical authentication of the ownership of routing prefixes. For some reason i do not see any serious work in that direction being done. For now, it may be a good idea for tier-1 providers to adhere to a procedure similar to that used (or used to be used) by Sprint: no customer routing information is accepted before customer's border box configuration passed inspection by Sprint staff. No-nos included unfiltered redistribution of IGP into BGP and lack of anti-transit AS-path filters. ---vadim