----- Original Message ----- > From: "Paul Ferguson" <[email protected]>
> > The former is a first-hand transaction: if you're lying to your edge > > carrier, he can cut you off with no collateral damage. > > Of course, he has to notice it first. :-) Sure. > ObOpinion: It's best to *enforce* a policy which disallows a > downstream network from sourcing spoofed packets -- and the closer to > the "edge" you are, the better, Hierarchy is great for that. :-) Sure; that's sort of my point: this is *much* more effectively done at the actual edge; I think the systemic complexity of pushing it further in goes up as a log function -- meaning that the fact that there are only maybe 6000 transit networks is a red herring. > I guess the next best thing is "Trust but verify"? Always. Cheers, -- jra -- Jay R. Ashworth Baylink [email protected] Designer The Things I Think RFC 2100 Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA #natog +1 727 647 1274
