babylon@egenius.org writes:
Why do we expect the same ISP engineers to be better at configuring negative lists or keeping them up to date?
According to Craig Labovitz's study published at Microsoft http://www.research.microsoft.com/research/pubs/view.aspx?msr_tr_id=MSR-TR-2... 100% of the ISP's surveyed filter inbound customer route announcements.
Ahhh, but that was not the correct question to ask (I have not read the study). It is not whether ISP's filter inbound customer route announcements. It is how they filter them. If the customer goes and says I am going to announce 4.0.0.0/8 and the ISP just blindly adds that to the filter, we have a problem, but the ISP did answer that question truthfully. They are filtering.
Many ISPs use AS path filters for customers with a large number of announcements. Some implement netblock filters that are not exact matches. Both of these are examples where the ISP would honestly say they filter but holes exist. -Hank