On Mon, 23 May 2005, Tony Li wrote:
Which is EXACTLY why we need to remember that we are NOT trying to come
up with the perfect solution. We have operational issues *TODAY* that
we are trying to address.
- We have people (admittedly accidentally) advertising prefixes that
they do not own and
Let's look at Tony's points above. These solutions cannot deal with the
last case, i.e., the owner of the prefix decides to advertise more
specifics (and the ISPs pass that crap through). Then we're left with
attacks where someone else advertises an equal route, or someone
advertises a
Pekka Savola wrote:
On Mon, 23 May 2005, Tony Li wrote:
Which is EXACTLY why we need to remember that we are NOT trying to come
up with the perfect solution. We have operational issues *TODAY* that
we are trying to address.
- We have people (admittedly accidentally) advertising prefixes
On Tue, 24 May 2005, Pete Templin wrote:
Let's take RIPE, RADB, etc. databases as an example. Apparently we can't
count on the ISPs filtering out crap from their customers, because
otherwise we'd never have had these attack. Also apparently, we can't
count on the transit ISPs from weeding
Pekka,
First of all, if you are assuming that NO ISPs make use of prefix
filters, then you would be incorrect. There are those that try very
hard to make use of such filters. However, we do not have 100%
deployment of those filters.
Since we will never see 100% deployment of such filters,