nanog mailing list archives

Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS)

From: Sean Donelan <sean () donelan com>
Date: Mon, 8 Mar 2004 15:55:26 -0500 (EST)


On Mon, 8 Mar 2004, Steve Francis wrote:

That was exactly what I was doing by saying I will only get service from
ISPs that run loose-uRPF in cores. (or all edges, including peering links.)

I will not take service from ISP X, who is cheaper than ISP Y, if ISP X
cannot assure me that I will not get bogon sourced traffic on my link.


Why do you care how a provider does X?

Your requirement doesn't seem to be run loose-uRPF in cores, although that
may be one way a provider chooses to solve the problem.  You requirement
is "not get bogon sourced traffic on your link."

I know its tempting to tell other people how to run their networks.  But
specifying the solution sometimes cuts out alternative solutions which
work just as well or maybe better.

Current thread:

Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS), (continued)
- - - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Christopher L. Morrow (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) E.B. Dreger (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Paul Vixie (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Sean Donelan (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection E.B. Dreger (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) E.B. Dreger (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Christopher L. Morrow (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) E.B. Dreger (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Steve Francis (Mar 08)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 08)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Steve Francis (Mar 08)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Laurence F. Sheldon, Jr. (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Dan Hollis (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Paul Vixie (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) E.B. Dreger (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Joe Provo (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Henry Linneweh (Mar 08)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Avleen Vig (Mar 07)
    - Re: Source address validation (was Re: UUNet Offer New Protection Against DDoS) Sean Donelan (Mar 07)

(Thread continues...)