nanog mailing list archives

BCP38 - Internet Death Penalty


From: Jay Ashworth <jra () baylink com>
Date: Tue, 26 Mar 2013 10:51:45 -0400 (EDT)

Ok, let's haul this up out of the other thread.

It seems consensus that the anti-source-address-spoofing provisions (at 
least) of BCP38 have long since become critical to mitigating (and eventually
preventing) UDP attacks like DNS reflection and such, and that such attacks
are uniformly considered Bad Things.

It also seems that, with 13 years to get it done, even if equipment makers
have put usable working knobs into their edge routers and concentrators,
sufficient numbers of IAPs have not started turning them on.

The problem here is, of course, one of externalities and the Common Good,
hard sales to make in a business environment.

But have we reached the point where it's time to start trying?

Do we need to define a flag day, say one year hence, and start making the 
sales pitch to our Corporate Overlords that we need to apply the IDP to
edge connections which cannot prove they've implemented BCP38 (or at very
least, the source address spoofing provisions thereof)?  Put this in 
contracts and renewals, with the same penalty?

Do the engineering heads at the top 10 tier-1/2 carriers carry enough water
to make that sale to the CEOs?

Cheers,
-- jr 'will rouse rabble for food' a
-- 
Jay R. Ashworth                  Baylink                       jra () baylink com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover DII
St Petersburg FL USA               #natog                      +1 727 647 1274

