North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
peering requirements (Re: DDOS anecdotes)
> ... but I do not blame their IP stack for this like Mr Gibson does though. Same here. > ... From spoofed sources because ISPs do not source address filter? > Gah. Basically untraceable. This is the problem. > What should we do? Recommendation: upgrade your peering requirements to include language like: Each peer agrees to emit only IP packets with accurate source addresses, to require their customers to do likewise, and to extend this requirement to all other peers by $DATE. Where DATE = (now() + '6 months') or some other negotiated value. I've been saying this since 1993. Is anybody ready to believe me yet? We solve this, or our industry stops growing because we're spending too much time dealing with this problem and new customers see diminished returns.