Date: Thu, 14 Mar 2002 09:46:43 +1000 From: Philip Smith <pfs@cisco.com>
b) Loss of the service in the midst of a DoS attack.
I don't see why this is relevant. The idea is that the ISP taking the feed would build an access-list of denied networks probably on a daily basis, or however often they consider necessary. Pretty much as some ISPs build their BGP filters from the IRR at the moment.
Hi Philip et al, I was wondering for a while what I should do with this BGP feed of unallocated prefixes ... Now, after Philip has made it clear, why aren't we simply putting those prefixes in the IRRs (e.g. as a route-set, or simply as routes with a specific/reserved origin-AS) and let interested ISPs use their usual (RA)toolset to build filters at their regular schedules ?
Please don't suggest going down the path of further overburdening the DNS. Having routing dependant on a higher layer protocol is not too clever.
I wouldn't like this either, but that's a different story ;-) Cheers CP --- ---------------------------------------------------------------------- --- --- Christian Panigl : Vienna University Computer Center - ACOnet --- --- VUCC - ACOnet - VIX : -------------------------------------------- --- --- Universitaetsstrasse 7 : Mail: Panigl@CC.UniVie.ac.at (CP8-RIPE) --- --- A-1010 Vienna / Austria : Tel: +43 1 4277-14032 (Fax: -9140) --- --- ---------------------------------------------------------------------- ---