LISTSERV mailing list manager LISTSERV 15.5

Help for NORDNOG Archives

NORDNOG Archives

NORDNOG Archives


Next Message | Previous Message
Next in Topic | Previous in Topic
Next by Same Author | Previous by Same Author
Chronologically | Most Recent First
Proportional Font | Monospaced Font


Join or Leave NORDNOG
Reply | Post New Message
Search Archives

Subject: Re: RIPE down - DDoS confirmed
From: Michael Hallgren <[log in to unmask]>
Reply-To:Network management discussion for Nordic region <[log in to unmask]>
Date:Sat, 1 Mar 2003 23:21:43 +0100

text/plain (44 lines)

> On Fri, 28 Feb 2003, Michael Hallgren wrote:
> > Finally, out of curiosity, how do most people (among those who actually)
> > filter
> > commonly handle prefixes with multiple origin?
> We we will end up accepting it if there is one route object with
> the origin
> of the expanded customer policy. So we match on ASes from the expanded
> policy. So multiple doesn't matter in that direction.
> The only "funny" thing we do is in the case where there is no
> route object,
> in those cases our robot registers one for that prefix and that
> origin (and
> removed it if goes away for 30 days from our announced routes). So this
> would happen if the customer specified a RS as an import policy and no
> matching route object existed, or the route object existed for AS X (which
> was in his policy so we accept the prefix) but once we accept it it is
> really origin AS Y, in which case we make another route object with origin
> Y.

So, you proxy modulo time then. Thoug I think your approach is thoughtful, I
it would be even more fortunate to attempt "social engineering"... (?) I
rather have/help the "guilty" neighbor add relevant object, than proxy
patching (?)


> /nco
> > >
> > mh
> >
> > > - kurtis -
> > >
> >

Back to: Top of Message | Previous Page | Main NORDNOG Page



CataList Email List Search Powered by the LISTSERV Email List Manager