nanog mailing list archives

Re: Filter on IXP


From: Jérôme Nicolle <jerome () ceriz fr>
Date: Fri, 28 Feb 2014 16:42:59 +0100

Hi Chris,

On 23/02/2014 01:43, Chris Laffin wrote:
> It would be really cool if peering exchanges could police ntp on their connected members.

Well, THIS looks like the worst idea ever. Wasting ASIC resources on
IXP's dataplanes is a wet-dream for anyone willing to kill the network.
IXP's neutrality is a key factor to maintain reasonable interconnection
density.

Instead, IXPs _could_ enforce BCP38 too. Mapping the route-server's
received routes to ingress _and_ egress ACLs on IXP ports would mitigate
the role of BCP38 offenders within member ports. It's almost like uRPF
in an intelligent and useable form.

A noticeable side-effect is that members would be encouraged to announce
their entire customer-cones to ensure egress traffic from a non-exchanged
prefix would not be dropped on the IX's port.

By the way, would anyone know how to generate OpenFlow messages to push
such filters to member ports? Would there be any smart way to do that on
non-OpenFlow enabled dataplanes (C6k...)?

Best regards,

-- 
Jérôme Nicolle
+33 6 19 31 27 14
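
The mapping proposed in the message above, from prefixes received by the route server to ingress and egress ACLs per member port, sketched as an added example; it is not code from the post or from any IXP. The port names, sample prefixes, rule format and the peering_lan parameter are assumptions, and the output is vendor-neutral rules rather than OpenFlow messages.

```python
import ipaddress

# Constructed sample: prefixes the route server received per member port
# (documentation address space; port names are hypothetical).
RS_ROUTES = {
    "port-1": ["192.0.2.0/25", "192.0.2.128/25", "198.51.100.0/24"],
    "port-2": ["203.0.113.0/24", "2001:db8:a::/48"],
}

def member_prefixes(routes):
    """Collapse announced prefixes into a minimal list, IPv4 first, then IPv6."""
    nets = [ipaddress.ip_network(r, strict=True) for r in routes]
    out = []
    for version in (4, 6):  # collapse_addresses rejects mixed address families
        out += ipaddress.collapse_addresses(n for n in nets if n.version == version)
    return out

def port_acl(routes, peering_lan=None):
    """Ingress: source must be announced. Egress: destination must be announced.
    peering_lan (assumption) keeps BGP sessions on the IX LAN out of the default deny."""
    prefixes = [str(p) for p in member_prefixes(routes)]
    if peering_lan:
        prefixes.insert(0, str(ipaddress.ip_network(peering_lan)))
    rules = [{"dir": "in", "match": "src", "prefix": p, "action": "permit"} for p in prefixes]
    rules += [{"dir": "out", "match": "dst", "prefix": p, "action": "permit"} for p in prefixes]
    rules += [{"dir": d, "match": "any", "prefix": None, "action": "deny"} for d in ("in", "out")]
    return rules

def evaluate(rules, direction, src, dst):
    """First-match evaluation of one packet against a port's rule list."""
    addr = {"src": ipaddress.ip_address(src), "dst": ipaddress.ip_address(dst)}
    for rule in rules:
        if rule["dir"] != direction:
            continue
        if rule["match"] == "any":
            return rule["action"]
        net = ipaddress.ip_network(rule["prefix"])
        ip = addr[rule["match"]]
        if ip.version == net.version and ip in net:
            return rule["action"]
    return "deny"

if __name__ == "__main__":
    for port, routes in RS_ROUTES.items():
        for rule in port_acl(routes):
            print(port, rule)
```

Collapsing the announcements first keeps the rule count per port down, which matters given the ASIC resource concern raised in the same message.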

