On Mar 17, 2013, at 8:55 PM, Christopher Morrow <morrowc.lists@gmail.com> wrote:
On Sun, Mar 17, 2013 at 6:36 PM, Arturo Servin <arturo.servin@gmail.com> wrote:
They should publish the spoofable AS. Not for public shame but at least to show the netadmins that they are doing something wrong, or if they are trying to do the good think is not working.
Or at least a tool to check for your ASN or netblock.
I don't disagree, but I'd point out that there are likely easier places to do bcp38 than others in everyone's network(s)... So, 'I do bcp38' unqualified is not as helpful, especially when almost all consumer grade links are bcp38 by default, which is likely where a bunch of this measurement originates. (well, I suspect a bunch of it is from consumer-grade links anyway)
(Not sure how this made it from c-nsp to nanog, but ...) uRPF/BCP38 is an important part of a global solution. Similar to open-relays, smurf amplifiers, and other "badness" on the network, one must assist the global network by deploying it where it makes sense. Deploying it at your customer ports may make sense depending on your network. Deploying it on peers may also make sense. I think having a simple set of locations where people actually deploy it is critical, eg: Colocation Network Server Lans VPS Lans Static Routed Customer Edge This should be the default, and something I've pushed at my employer for years. If you do nothing, you can expect nothing as the result. If you attempt do so something, you can at least get an idea of where it's not coming from. At least target these easy edges of the network where there is some value. - Jared