nanog mailing list archives

Re: BCP38 adoption "incentives"?

From: "Zbyněk Pospíchal" <zbynek () dialtelecom cz>
Date: Tue, 27 Sep 2016 15:07:20 +0200

The implementation of BCP38 over local market strongly increased after
massive DDoS attacks in 2013 affecting major part of the industry thanks
to an initiative of the most important local IXP.

There is a special separate last-resort "island mode" network, which is
intended to be activated in case of really major attacks to keep an
accessibility of (at least) local services for local users.
Implementation of BCP38 is one of the (lot of) requirements.

Positive motivation is definitely better than asking politicians for
regulations. More: https://fe.nix.cz/en/

Regards,
Zbynek




Dne 27.09.16 v 14:46 Mikael Abrahamsson napsal(a):

On Tue, 27 Sep 2016, Stephen Satchell wrote:

You have to make their ignorance SUBTRACT from the bottom line.


I'd say there is no way to actually achieve this. BCP38 non-compliance
doesn't hurt the one not in compliance in any significant amount, it
hurts everybody else.

The only way I can imagine BCP38 ever happening widely is by means of
legislation, which of course is really hard because Internet spans
countries/continents.

Doing anti-spoofing should be done at the edge, the further up into the
core you try to do it, the bigger risk you're breaking lots of users'
connectivity, causing customer complaints.
re
In some countries I'm sure BCP38 compliance could be increased by means
of legislation and fining companies that do not do BCP38 filtering. But
before we do that, we need to agree that BCP38 compliance is a must. I
don't think we're there. I have heard people say that if they don't
allow some of their customers to spoof, they're losing business, because
some customers have built complete (deployed) solutions that are built
on the fact that they can spoof packets. These people will have to be
convinced that they're doing it wrong and re-design their solutions.
This is going to cost them dearly, so they're going to be upset.

With all the IoT devices out there, do people even need to spoof anymore?

Current thread:

BCP38 adoption "incentives"? Stephen Satchell (Sep 27)
- Re: BCP38 adoption "incentives"? Mikael Abrahamsson (Sep 27)
  - Re: BCP38 adoption "incentives"? Zbyněk Pospíchal (Sep 27)
    - Re: BCP38 adoption "incentives"? Mikael Abrahamsson (Sep 27)
    - Re: BCP38 adoption "incentives"? Zbyněk Pospíchal (Sep 27)
    - Re: BCP38 adoption "incentives"? Mikael Abrahamsson (Sep 27)
    - Re: BCP38 adoption "incentives"? Zbyněk Pospíchal (Sep 28)
- Re: BCP38 adoption "incentives"? Joe Klein (Sep 27)
  - Re: BCP38 adoption "incentives"? Mikael Abrahamsson (Sep 27)
    - Re: BCP38 adoption "incentives"? Mike Jones (Sep 27)
    - Re: BCP38 adoption "incentives"? Mikael Abrahamsson (Sep 27)
    - Re: BCP38 adoption "incentives"? Joe Klein (Sep 27)
    - Re: BCP38 adoption "incentives"? Alain Hebert (Sep 28)

(Thread continues...)