sean@donelan.com (Sean Donelan) writes:
If c.root-servers.net provider did this, they wouldn't see any RFC1918 traffic because it would be dropped at their provider's border routers.
Right. But then I wouldn't be able to measure it, which would be bad.
If c.root-servers.net provider's peer did this, again c.root-servers.net provider wouldn't see the rfc1918 packets.
This is the single case where not being able to measure/complain would be OK, because the problem wouldn't be "in the core", it would be (correctly) stopped at the source-AS.
So why doesn't c.root-servers.net provider or its peers implement this "simple" solution? Its not a rhetorical question. If it was so simple, I assume they would have done it already.
C-root's provider is also C-root's owner, and they have offerred to shut this traffic off further upstream, as F-root's network operators were doing until yesterday, but I asked that it not be filtered anywhere except C-root itself (where I can measure it) or distant source-AS's (which is where it makes sense.) -- Paul Vixie