nanog mailing list archives
Re: IP economics morphed into (TCP/RST)
From: Iljitsch van Beijnum <iljitsch () muada com>
Date: Thu, 22 Apr 2004 18:03:33 +0200
On 22-apr-04, at 16:11, Stephen J. Wilcox wrote:
There are more protection methods available than just MD5 (as you allude toSteve). One mitigator is to use "non-routed" space for BGP peer connections.
Hmm ok so assume for a moment that I dont want RFC1918 for my links, what are my options? :
There isnt a "link-local" for IP altho this would be a great solution (surelythis can be written for BGP??).
Who says BGP sessions must run over IP(v4)?In theory it shouldn't be a problem to exchange IPv4 routing information over IPv6 BGP TCP sessions. (But it seems some of our favorite vendors didn't add this scenario to their regression tests.)
Or I could use all eBGP addresses from a block which I dont route and filter internally.. I suspect this is a non-starter, I will have to include all my addresses given to me by peers and its gonna screw traces, monitoring etc.
Can I use secondary IP addresses and then BGP with these addresses, this would be a form of "security by obscurity" but providing you can keep the info asecret thats surely going to do it?
If you combine the two approaches above and filter all traffic to the primary address, traceroutes et al still work but people from the outside don't get to hit the route processor.
Current thread:
- TCP Vulnerability makes case for authenticated BGP, (continued)
- TCP Vulnerability makes case for authenticated BGP tad pedley (Apr 20)
- Re: TCP Vulnerability makes case for authenticated BGP Pekka Savola (Apr 20)
- Re: Backbone IP network Economics - peering and transit Stephen J. Wilcox (Apr 20)
- Re: Backbone IP network Economics - peering and transit Patrick W . Gilmore (Apr 20)
- IP economics morphed into (TCP/RST) Blaine Christian (Apr 20)
- Re: IP economics morphed into (TCP/RST) Stephen J. Wilcox (Apr 22)
- Re: IP economics morphed into (TCP/RST) Niels Bakker (Apr 22)
- Re: IP economics morphed into (TCP/RST) Stephen J. Wilcox (Apr 22)
- RE: IP economics morphed into (TCP/RST) Blaine Christian (Apr 22)
- RE: IP economics morphed into (TCP/RST) Stephen J. Wilcox (Apr 22)
- Re: IP economics morphed into (TCP/RST) Iljitsch van Beijnum (Apr 22)
- Re: IP economics morphed into (TCP/RST) E.B. Dreger (Apr 22)
- Re: Backbone IP network Economics - peering and transit Alexei Roudnev (Apr 21)
- Re: Backbone IP network Economics - peering and transit Daniel Golding (Apr 20)
- Re: Backbone IP network Economics - peering and transit Daniel Golding (Apr 20)
- RE: Backbone IP network Economics - peering and transit Stephen J. Wilcox (Apr 22)