Dorian R. Kim writes:
On Mon, 30 Sep 1996, Dorian R. Kim wrote:
On Mon, 30 Sep 1996, Barney Wolff wrote:
Er, why did the exchange operator let you put a router on their switching fabric if you're not peering there with somebody? Are there actual cases of people with routers at NAPs/MAEs/xIXs who don't peer with anyone?
It's possible that the fabric on which EP is built is used for other purposes. For example, Ameritech NAP runs on the same ATM switch that a research VPN called MREN runs on.
Of course, it should be pointed out that most NAP operaters distance themselves from peering agreements and so have no explicit knowledge whether NAP participants are peering with each other or not, and do not believe it is appropriate for them to inquire into such. NAP operators provide the facilities, but whatever the customers do with those facilities is up to them.
It's a really bad decision. It saves the cost of hiring a real engineer, but who wants to see a repeat of MAE-East? IXPs need a real traffic cop, at the very least, to wreak havoc on people who play nasty link-layer games. (Yes, it's conceivable that everyone on the IXP could guard themselves, but this is highly inefficient both in dollars and hours spent.) That's why we have refused to connect to MAE-NY at this time. BTW, although I may be flogging this issue, having a "traffic cop" at an IXP would make it a *hell* of a lot easier to track down, say, a SYN flooder once you worked backwards to the IXP from the attacked host. /a