North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: an effect of ignoring BCP38

  • From: Jo Rhett
  • Date: Thu Sep 11 03:34:52 2008

On Sep 6, 2008, at 6:49 AM, k claffy wrote:
do that many networks really allow spoofing?  i used
to think so, based on hearsay, but rob beverly's suggests
things are a lot better than they used to be, arbor's
last survey echos same.  are rob's numbers inconsistent
with numbers anyone else believes to be true?

I hate to spoil anyone's fantasies about this topic, but yeah. Nearly everyone does.

I've been in, near, or directly in touch with enough big provider NOCs in the last year on various DoS attach research issues, and nearly nobody... that's right NONE of them were using BCP38 consistently. Name the five biggest providers you can think of. They ain't doing it. Now name the five best transit providers you can think of. They ain't doing it either. (note that all of these claimed to be doing so in that survey, but during attack research they admitted that it was only in small deployments)

If someone told me (truthfully) that there was 10% BCP38 compliance out there, I'd be surprised given what I have observed.

We don't have a long ways to finish. We have a long ways to start. Finishing isn't even within the horizon yet.

Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source and other randomness