Yeah, definately. But most backbones seem to have "customer routes" as an option, and if I trust them enough to get those routes correct then I will hopefully not have to bother with extreme amounts of filtering. It's pretty easy to enforce "no transit" at the packet filtering level -- only packets destined for my nets will be allowed in. Is there some other aspect of filtering I'm forgetting about? We have a dedicated and backup network engineer at any rate. The border router would be a cisco 7200 or 7500 series with 128Mb.
Dean
Is this really how people enforce "no transit"? I have been told that packet filtering is quite cpu expensive. I would think that packet filtering on a router that is probably already overburdened is not an attractive solution. Jim