ietf
[Top] [All Lists]

Re: Multi-homed BCP38

2014-01-09 09:44:10
Not being an IP-routing person, but chair of SSAC in ICANN, I hear people for 
the reasons you bring up are more in favor of a mechanism where one talk about 
explicitly "filtering at the edge of the Internet" and not at every point where 
routes are exchanged.

Because of this, please also include SAC004 in your investigation.

<https://www.icann.org/en/groups/ssac/documents/sac-004-en.htm>

   Patrik

On 9 jan 2014, at 16:09, John R Levine <johnl(_at_)taugh(_dot_)com> wrote:

I was at a meeting talking to ops people from some large ISPs, who tell me 
that when they tell their large customers about BCP 38, the customers say 
forget it, because they're multihomed.  I gather the situation is typically 
that the customer has multiple address ranges, say from providers A and B.  
Normally traffic from range A goes out through provider A, and vice-versa, 
except sometimes when it doesn't.  Sometimes it's failover, or it may be 
deliberate asymmetic routing.  The customers may not be running BGP, or if 
they do, they don't want to announce range A to provider B for business 
reasons I don't entirely understand but that are not going away.

The ISPs tell me that the customers are often ISPs themselves, so there are 
lots of address ranges, far more than anyone could track manually even if 
they wanted to.

I see BCP 84, which is now ten years old.  The ISPs are aware of it, but it 
doesn't seem to have done the trick.  I can think of some hacks to 
pseudo-announce ranges for filtering purposes, but surely I am not the only 
person to have noticed this problem.  What have people done to address this 
issue?*  I figure the first thing to do is to understand what's failed before.

Regards,
John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.

* - other than calling the customers stupid, which they are not, and is not 
helpful


Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

<Prev in Thread] Current Thread [Next in Thread>