nanog mailing list archives
Re: BCP38 is hard, was TWC (AS11351) blocking all NTP?
From: Mark Andrews <marka () isc org>
Date: Wed, 05 Feb 2014 11:48:06 +1100
In message <20140205002905.57856.qmail () joyce lan>, "John Levine" writes:
Why does it have to be hard? Restricting the filter to addresses which (A) the customer asserts are theirsHow does the customer do that in a way that scales?
You implement SIDR to the extent where you issue your multi homed customers CERTs for the address space you allocated to them. The customer can then just send signed requests to a automated service at the other ISPs along with the CERT which then builds the filters based on that information after verifying the CERTs authenticity. Now all of the above is completely automatable including the CERT generation. Yes, it requires someone to write a implementation and integrate it with the existing systems.
I don't think any of this is rocket science, but it apparently is a real block to BCP38/84 implementatin.
No, this isn't rocket science. It just requires a little co-ordination.
R's, John
-- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka () isc org
Current thread:
- Re: TWC (AS11351) blocking all NTP?, (continued)
- Re: TWC (AS11351) blocking all NTP? Majdi S. Abbas (Feb 04)
- Re: TWC (AS11351) blocking all NTP? William Herrin (Feb 04)
- Re: BCP38 is hard, was TWC (AS11351) blocking all NTP? John Levine (Feb 04)
- Re: BCP38 is hard, was TWC (AS11351) blocking all NTP? Paul Ferguson (Feb 04)
- Re: BCP38 is hard, was TWC (AS11351) blocking all NTP? Chuck Anderson (Feb 04)
- Re: BCP38 is hard, was TWC (AS11351) blocking all NTP? William Herrin (Feb 04)
- Re: BCP38 is hard, was TWC (AS11351) blocking all NTP? Octavio Alvarez (Feb 04)
- Re: BCP38 is hard, was TWC (AS11351) blocking all NTP? John R. Levine (Feb 04)
- Re: BCP38 is hard, was TWC (AS11351) blocking all NTP? William Herrin (Feb 04)
- Re: BCP38 is hard, was TWC (AS11351) blocking all NTP? John Levine (Feb 04)
- Re: BCP38 is hard, was TWC (AS11351) blocking all NTP? Mark Andrews (Feb 04)
- Re: BCP38 is hard, was TWC (AS11351) blocking all NTP? Randy Bush (Feb 04)
- Re: BCP38 is hard, was TWC (AS11351) blocking all NTP? Jay Ashworth (Feb 04)
- Re: BCP38 is hard, was TWC (AS11351) blocking all NTP? Saku Ytti (Feb 05)
- Re: BCP38 is hard, was TWC (AS11351) blocking all NTP? Jared Mauch (Feb 05)
- Re: BCP38 is hard, was TWC (AS11351) blocking all NTP? Saku Ytti (Feb 05)
- Re: BCP38 is hard, was TWC (AS11351) blocking all NTP? Octavio Alvarez (Feb 04)
- Re: BCP38 is hard, was TWC (AS11351) blocking all NTP? Mark Andrews (Feb 04)
- Re: TWC (AS11351) blocking all NTP? Damian Menscher (Feb 04)
- Re: TWC (AS11351) blocking all NTP? John R. Levine (Feb 03)