I agree with Danny. Most large ISPs are fairly good about maintaining ALC/Prefix-lists that only allow their customers to advertise routes for space that is correctly swipped to them. They know who their customer is. They know to what company the bill is sent. They can easily verify the name of the company (or end user) matches the swip record for the handfull of routes the customer advertises.
On Peering links the list is too large and changes too often, and usually includes down stream customer ASes, and their customers and so on... As a result it is often difficult to validate this information and manage it. If you want to fix this problem, ensure that all routes, the ASes that have the right to originate those routes, and the relationship between ASes are documented in some authoritative way, by someone who has a relationship with the AS and can verify the accuracy before any changes are made to the data. This can either be managed by the RIRs, which may be problematic due to the excessive amount of time and cost involved in acquiring, verifying, and keeping this data up to date, or by each and every transit provider, which may be a problem if not all transit providers choose to set up an Internet Routing Registry, or they do not all have the same level of security and authentication. Furthermore, Not only does the information need to be accurate, but you have to actually get the transit providers to use this information to build ALCs/Prefix-lists on Peering points. __Jason ========================================================================== Jason Schiller (703)886.6648 Senior Internet Network Engineer fax:(703)886.0512 Public IP Global Network Engineering [EMAIL PROTECTED] UUNET / Verizon [EMAIL PROTECTED] The good news about having an email address that is twice as long is that it increases traffic on the Internet. On Mon, 25 Feb 2008, Danny McPherson wrote: > The problem here is simply that of a reliable authenticated > authoritative data source for who owns what - AND operators > employing that to define routing policies. If protocols like SBGP > or soBGP want to build upon that and actually get some traction > in deployment, great, but the egg here [1] is the data source that > still doesn't exist. > > [1] http://www.cnn.com/2006/TECH/science/05/26/chicken.egg/ > > -danny -- to unsubscribe send a message to [EMAIL PROTECTED] with the word 'unsubscribe' in a single line as the message text body. archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg
