ntacpeering - Re: [Security-WG] I2 - Anti-Spoofing/uRPF discussion summary from Technology Exchange

Subject: NTAC Peering Working Group

List archive

Re: [Security-WG] I2 - Anti-Spoofing/uRPF discussion summary from Technology Exchange

From: Michael H Lambert <>
To: "" <>
Cc:
Subject: Re: [Security-WG] I2 - Anti-Spoofing/uRPF discussion summary from Technology Exchange
Date: Mon, 6 Nov 2017 11:17:44 -0500
Dkim-filter: OpenDKIM Filter v2.11.0 mailer1.psc.edu vA6GHeQl018027
Ironport-phdr: 9a23:c8sAHhRzkBCbYnGXZD6LtP0s89psv+yvbD5Q0YIujvd0So/mwa6yYBeN2/xhgRfzUJnB7Loc0qyN4vCmATRIyK3CmUhKSIZLWR4BhJdetC0bK+nBN3fGKuX3ZTcxBsVIWQwt1Xi6NU9IBJS2PAWK8TW94jEIBxrwKxd+KPjrFY7OlcS30P2594HObwlSijewZbB/IA+qoQnNq8IbnZZsJqEtxxXTv3BGYf5WxWRmJVKSmxbz+MK994N9/ipTpvws6ddOXb31cKokQ7NYCi8mM30u683wqRbDVwqP6WACXWgQjxFFHhLK7BD+Xpf2ryv6qu9w0zSUMMHqUbw5Xymp4qF2QxHqlSgHLSY0/33YhcJtjKxUohyvqRN8zY7afo+bM+Fzfr/EfdMfWWZBXtpdWzJHD4ihb4UPFe0BPeNAoof6plsBsRu+ChOyC+Pr1zRGhGL906sg3OQkCg7JwhYgH84Tu3nTqNX6LqISXvurw6nS0TXOdOtW2Szh54TSbB8uvOyMUKt2fMHMykcvDxvIgkiOpYHmJT+Zy+cAv3aB4+dgVu+jkXMrpx1trjS328sglIrEipgIxl3H6yl12ps5KNykREJhf9KoDZlduieHPIVsWMwiWXtnuCMix70Gp5G7eC8KxYwixxHFavyHd5aH4gj+WOqLOTd4n25qdKihiBmv7Eis0uz8Vs+q31ZWtidJj8fAu3MX2xDO6cWLVOFx80ei1DqVygzf9v1ILVgxlaXBKp4hxrAwloAUsUTGBiL2nF/5jKqNeUo64Oio9//qYq39ppCALYN7lBzxMrk2lsylHes4KhQOX3Sc+emkz73s41H2QKhQjv03jqnYsInWJMoUpqOiBw9V050j6wqkDzu4ytgYnH8HLE5bdxKdiYjmJU3OLO7iAfihnlusjS9hx+raMb35HpXNMn/Dna/nfbZh8UFT1BIzws5B6JJOC7EBJv3zV1T1tNzZFR85Lxe0z/j9BNV80IMeRXyAArWfMKzMrV+E+PgjLPeRa48I637BLK1v4eLnhmc0lEUce6aB3J0LZWq+E+g8ZUiVfDCk1tEdGGwSswckTerloFyETTNJYXuuBeQx6ixtW6y8CoKWY4GmgLWM2G+bVrlfY2pLEEzERXPhco+JQeskcDmZZMJtj2pXBvCaV4Y92ET250fBwL19I7+M9w==

> On 6 Nov 2017, at 10:54, David Farmer
> <>
> wrote:
>
> So a question, how do we communicate this going forward as we interact with
> more and more people? I'm worried some will just see this as an effort to
> apply a traffic security policy on the Internet2 backbone.

I think the primary targets/victims/beneficiaries of this process should be
the connectors. To me, it makes much more sense for them to be filtering
their members on ingress, especially since BCP38 does tend to crop up in
various NSF solicitations. If Internet2 does the filtering, it can hide
these downstream issues. It is appropriate for Internet2 to identify
"offending" traffic, but once it has been identified, the connector should be
encouraged/cajoled/shamed to fix the problem.

International peers are another matter. One would hope that they would have
similar policies.

Michael

I2 - Anti-Spoofing/uRPF discussion summary from Technology Exchange, gcbrowni, 11/06/2017
- Re: [Security-WG] I2 - Anti-Spoofing/uRPF discussion summary from Technology Exchange, David Farmer, 11/06/2017
  - Re: [Security-WG] I2 - Anti-Spoofing/uRPF discussion summary from Technology Exchange, Michael H Lambert, 11/06/2017
    - Re: [Security-WG] I2 - Anti-Spoofing/uRPF discussion summary from Technology Exchange, Karl Newell, 11/06/2017
      - Re: [Security-WG] I2 - Anti-Spoofing/uRPF discussion summary from Technology Exchange, David Farmer, 11/06/2017
        
        Re: [Security-WG] I2 - Anti-Spoofing/uRPF discussion summary from Technology Exchange, John Hernandez, 11/06/2017
        
        RE: [Security-WG] I2 - Anti-Spoofing/uRPF discussion summary from Technology Exchange, Michael Hare, 11/07/2017
        
        RE: [Security-WG] I2 - Anti-Spoofing/uRPF discussion summary from Technology Exchange, Garrett, Seth B, 11/07/2017
        Re: [Security-WG] I2 - Anti-Spoofing/uRPF discussion summary from Technology Exchange, Pete Siemsen, 11/07/2017
        
        Message not available
        Message not available
        Re: [Security-WG] I2 - Anti-Spoofing/uRPF discussion summary from Technology Exchange, Pete Siemsen, 11/27/2017

List archive

Re: [Security-WG] I2 - Anti-Spoofing/uRPF discussion summary from Technology Exchange