Re: Policy Statement on Address Space Allocations
Forrest W. Christian <forrestc@imach.com> wrote:
Is there some other method which would be as effective to destroy a specific net's connectivity to the majority of the net? A few come to mind right now:
1) ip route <luser's address & mask> null0
Deliberate injection of bogus routes is the reason sufficient to disconnect from the provider who's doing that completely. *No* serious ISP will ever want to unleash the routing wars.
2) ip filtering:
- Probably uses more CPU than #1, but doesn't screw with the routing tables.
You may want to ask Sean to send you a copy of SL-MAE-E's configuration. There already are *huge* filter lists, just to maintain sanity of routing.
I doubt you're going to need to add many filters :)
Heh. Never underestimate the laziness (overworkiness, underpaidness, or just plain cluelessness) of netadmins. Seriously, there are people which still believe that CIDR is a conspiracy.
As far as who will run the programs to check for this, I'm sure that a suitable home for the tools necessary could be found.
It is not the tools, it is the politics. Getting rid of nukes completely is a nice goal. Does anybody seriously think it can be done today? Not until we see the last of Kings and Presidents (not mentioning Senators and other Servants of the people). A net.politzai is a very unrewarding role, potentially leading to real lawsuits. Passive filtering with well-announced policy at least gives no food for lawyers. Sprint's policies are a result of extensive consultations between engineering, marketing and legal people (and activist customers), and is a way for Sprint to protect its own network from the routing collapse. --vadim Not speaking for Sprint.
On Sat, 27 Jan 1996, Vadim Antonov wrote:
You may want to ask Sean to send you a copy of SL-MAE-E's configuration. There already are *huge* filter lists, just to maintain sanity of routing.
That would be quite informative, actually. I might just drop him a note, if he has time to read it with all of this stuff going on her in cidrd and nanog.
I doubt you're going to need to add many filters :)
Heh. Never underestimate the laziness (overworkiness, underpaidness, or just plain cluelessness) of netadmins.
True, and of course it wouldn't be their fault that they ignored the message. But it would make for some interesting stories...
It is not the tools, it is the politics. Getting rid of nukes completely is a nice goal. Does anybody seriously think it can be done today? Not until we see the last of Kings and Presidents (not mentioning Senators and other Servants of the people).
A net.politzai is a very unrewarding role, potentially leading to real lawsuits. Passive filtering with well-announced policy at least gives no food for lawyers. Sprint's policies are a result of extensive consultations between engineering, marketing and legal people (and activist customers), and is a way for Sprint to protect its own network from the routing collapse.
I'm starting to understand a few more of the underlying issues here. It's not just a "balance the allocations vs the table size and figure out how to deal with the people who announce a /18 as 64 /24's..." issue. It's how to do the above and not get sued or otherwise trampled on... Thanks,-forrest
participants (2)
-
Forrest W. Christian
-
Vadim Antonov