I think it was a question from me to Ron that kicked off his question to Opsec. For my question, no, it doesn’t help — what I was looking for was a citable RFC that said the equivalent of “thou shalt filter thy infrastructure addresses”. Because everyone knows you should do this, but apparently nobody has bothered to say so in a standard; this creates awkwardness when writing Security Considerations sections.
I see Ron said “document” and your reply does indeed fill the bill. To fix my problem I’d really need an IETF (or equivalent body, I suppose) standard or BCP, though, IMO. Thanks, —John On Jun 11, 2020, at 11:16 AM, Melchior Aelmans <[email protected]> wrote: Hi Ron! Does this help? https://www.juniper.net/documentation/en_US/day-one-books/DO_BGP_SecureRouting2.0.pdf Cheers, Melchior On Wed, May 27, 2020 at 11:21 PM Ron Bonica <[email protected]<mailto:[email protected]>> wrote: Folks, Does anybody know of a document that provides general recommendations for ACL’s to be implemented on service provider edge nodes? Ron Juniper Business Use Only _______________________________________________ OPSEC mailing list [email protected]<mailto:[email protected]> https://www.ietf.org/mailman/listinfo/opsec<https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/opsec__;!!NEt6yMaO-gk!UPSCEqGPw30dB1eBx48HvNXmnDLaXxL3w6ZLfU2gqOJ8n1LRT5GKqCEyBn6eEA$>
_______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
