RE: Winstar says there is no TCP/BGP vulnerability

["Michel Py" <michel () arneill-py sacramento ca us>]

> Patrick W.Gilmore wrote:
> And when that process involves customers calling to ask
> why they can't get to XXX web site (no pun intended -
> I'm sure no one would filter a pr0n site :), it is much
> more than "a bitch", it is a CLM/CEM.

But you're missing something fundamental here: for non-tier-1s, the very
purpose of peering is to offload your transit. If you filter the routes
you accept from the peer, you don't shoot yourself in the foot, all you
do is to send traffic to that prefix to transit, which is what you would
have done in the first place if you were not peering. In other words, if
your ingress route-map to filter prefixes received from the peer is
incomplete, your only loss is that you will not reap the benefits of
peering for the omitted prefix(es).

I never said that prefix-filtering peering should shoot for perfection;
if a few prefixes slip through the cracks and they're worth a modemload
of traffic, who cares?

Michel.