[CII] One possible scenario
Joe St Sauver
joe at oregon.uoregon.edu
Wed Dec 2 19:35:33 UTC 2009
John mentioned:
#However, I'm not suggesting that people will transit *ALL* of a
#peer's traffic -- only that which has been advertised as critical.
#The advertisements would be /32s, maybe even a /24 at time -- lots
#of routing slots, but small swaths of space.
Those more specifics are likely to be ignored by a lot of providers
who run more-or-less industry standard route filters (e.g., the /32's
are particularly likely to be dropped, although even /24's will have
problems at some providers if the /24 is a deaggregated part of a
larger covering netblock). These days people are very concerned about
the growth in the global routing table, and for very good reasons,
and the net result is restrictive route filters.
#If a peer can tell me what is critical for health/safety, I'll make sure
#I advertise those things onto my other peers in time of emergency. I'm
#going to do this with or without a government mandate -- if it is truly
#crticial infrastructure, I want my customers to be able to reach it.
I guess my point is that if enough people do that, you can actually make
things worse, not better, particularly if we're talking about smaller
providers and the critical infrastructure in question is targeted for
active attacks (such as DDoS packet flooding attacks).
But I don't mean to belabor the point.
Regards,
Joe
More information about the CII
mailing list