[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Global Blackhole Service

Subject: Global Blackhole Service
From: mmc at internode.com.au (Matthew Moyle-Croft)
Date: Sun, 15 Feb 2009 10:32:35 +1030
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]>


Florian Weimer wrote:
> If you want to run a public exchange point, you need to solve the same 
> announcement validation problem. Multiple organizations appear to do 
> it successfully, so it can't be that difficult.
How exactly do you do "validation"?   If I give you a list of ASes and 
prefixes, what can you do to validate that they're ones I can actually 
announce on behalf of someone else?   I can put whatever I want in an 
AS-SET (etc) pretty much.  How do you actually check that I have the 
right relationship with a customer (or customer of a customer of a 
customer etc)?  

To put it into context - the approach of stuffing other people's ASes in 
a path to prevent them learning it is wide spread, especially in Asia - 
I've seen AS-SETs with all sorts of Tier1/2 ASes even though I know that 
they have no transit relationship with them!

MMC

-- 
Matthew Moyle-Croft - Internode/Agile - Networks
Level 4, 150 Grenfell Street, Adelaide, SA 5000 Australia
Email: mmc at internode.com.au  Web: http://www.on.net
Direct: +61-8-8228-2909		    Mobile: +61-419-900-366
Reception: +61-8-8228-2999          Fax: +61-8-8235-6909

References:
- Global Blackhole Service
  - From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
- Global Blackhole Service
  - From: nuno.vieira at nfsi.pt (Nuno Vieira - nfsi telecom)
- Global Blackhole Service
  - From: smb at cs.columbia.edu (Steven M. Bellovin)
- Global Blackhole Service
  - From: fw at deneb.enyo.de (Florian Weimer)

Prev by Date: Global Blackhole Service
Next by Date: Global Blackhole Service
Previous by thread: cogent issues
Next by thread: Global Blackhole Service
Index(es):
- Date
- Thread