On 11 Aug 2003 at 22:03, Tony Hain wrote:

> Pekka Savola wrote:
> > Why exactly is advertising the aggregate a problem? The nodes will filter
> > out those sources they are auto-configured not to speak to before even
> > seeing any malicious packets.
>
> You clearly trust your filter configuration manager. Not everyone does, and
> there is ample 'operational failure from typo' evidence to back up their
> mistrust.
>
> The point is that if there is no route, there is nothing that will need to
> be filtered. The security paranoid will both remove routes, and install
> filters, on the belief that failures will not occur in both at the same
> time. Despite the noise about not providing security, these are two
> mechanisms used in basic layered security models.

Maybe the router vendor should develop appropriate tools to let the user verify that the filters work as expected and let it be up to the user to decide if he wants to use the vendor with or the vendor without such tools and leave the flexibility in the design?

"Do you want subnet vault.acme.com announced to all the hackers out there [y/N]?"

--
Fredrik Nyman
PacketFront Sweden AB
http://www.packetfront.com/

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
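
The kind of verification tool suggested in this thread could look like the following sketch, which audits the route layer and the filter layer independently for one protected subnet. It is an added example, not part of the original messages or any vendor's tooling; the prefixes, the rule format and all function names are constructed for illustration.

```python
import ipaddress as ip

# Constructed sample data (2001:db8::/32 is the IPv6 documentation prefix).
AGGREGATE = ip.ip_network("2001:db8::/48")       # the site aggregate
VAULT = ip.ip_network("2001:db8:0:ff::/64")      # hypothetical protected subnet
ANY = ip.ip_network("::/0")
PROBES = [ip.ip_address("2001:db8:1::1"), ip.ip_address("2001:db8:ffff::53")]

# Route layer: advertise the aggregate, or only the pieces that exclude VAULT.
ROUTES_AGGREGATE = [AGGREGATE]
ROUTES_SPLIT = list(AGGREGATE.address_exclude(VAULT))

# Filter layer: the intended rule, and the same rule with "ff" mistyped as "fe".
ACL_GOOD = [("deny", ANY, VAULT)]
ACL_TYPO = [("deny", ANY, ip.ip_network("2001:db8:0:fe::/64"))]

def covered_by_route(subnet, advertised):
    """True if any advertised prefix contains the subnet (a route to it exists)."""
    return any(subnet.subnet_of(prefix) for prefix in advertised)

def acl_action(acl, src, dst, default="permit"):
    """First-match evaluation of (action, src_prefix, dst_prefix) rules."""
    for action, src_net, dst_net in acl:
        if src in src_net and dst in dst_net:
            return action
    return default

def audit(subnet, advertised, acl, outside_probes):
    """Check each layer on its own; the subnet is exposed only if both fail."""
    dst = subnet.network_address + 1  # a representative host inside the subnet
    leaks = [str(s) for s in outside_probes if acl_action(acl, s, dst) != "deny"]
    no_route = not covered_by_route(subnet, advertised)
    filtered = not leaks
    return {"no_route": no_route, "filter": filtered,
            "exposed": not (no_route or filtered), "leaks": leaks}

if __name__ == "__main__":
    for rname, routes in (("aggregate", ROUTES_AGGREGATE), ("split", ROUTES_SPLIT)):
        for aname, acl in (("good", ACL_GOOD), ("typo", ACL_TYPO)):
            print(f"routes={rname:9} acl={aname}:", audit(VAULT, routes, acl, PROBES))
```

With the aggregate advertised, a single mistyped filter leaves the subnet exposed; with the route withheld as well, the same typo is reported as a failed layer but not as an exposure.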
