nanog mailing list archives

Re: BGP FlowSpec support on provider networks


From: sthaug () nethelp no
Date: Sat, 11 Apr 2009 22:31:51 +0200 (CEST)

> Now I realize that FlowSpec isn't a panacea, but it certainly meets some
> of the requirements that many customers have today, and it gives us a
> lot more flexibility over simply destination based filtering.  Whether
> it's FlowSpec or something else, what's it going to take to get the
> vendors and the providers to start moving forward on technologies that
> are way overdue given the current trend of worms, botnets, and other
> Internet nastiness?

Well, pretty clearly it's going to have to be multivendor, and not IPR
encumbered. Aside from that, of course, the usual advice is to talk to
your SE and vote with your wallet.

From our point of view, BGP triggered destination-based filtering is
still one of our most important tools. We have thought about FlowSpec
but haven't felt the need sufficiently strongly. Due to M&A we are now
moving to a mixed Cisco/Juniper network - and FlowSpec is no longer
all that interesting since Cisco doesn't implement it.

Steinar Haug, Nethelp consulting, sthaug () nethelp no

