wg-multicast - Re: Proposed MSDP filtering changes on Abilene
Subject: All things related to multicast
List archive
- From: Matthew Davy <>
- To: John Kristoff <>
- Cc:
- Subject: Re: Proposed MSDP filtering changes on Abilene
- Date: Thu, 25 May 2006 13:03:39 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I believe that should be 0.0.0.0/8 *not* 0.0.0.0/0 :)
My personal opinion is that all the IANA reserved space should be filtered (eg 235/8, 236/8, etc) at domain borders. However, when I suggested this at a Joint Tech's a few years ago, several people were quite opposed to this. Passing 236/8 interdomain is no different than passing 10/8, both are IANA reserved addresses and, IMO, everyone should be filtering these at domain borders.
The other point you made regarding rate-limiting is a good one as well. We already do per-peer SA limiting. We also have the ability to do per-source SA limiting. There was a thread on this list a while back about implementing some per-source SA limits. My opinion is that limiting each source IP to some relatively large number of different groups (say 1,000) on the backbone is a good thing for the overall stability of multicast and wouldn't hinder any legitimate use of multicast. But, again, I think the consensus that last time this was discussed was that the backbone shouldn't do that type of limiting. Is that still the consensus ?
Also, in terms of Bill's and Cisco's lists being out of date, I'm sure they are. However, I think it's the most complete list out there today. If there are other groups that should be added, we'll certainly consider adding them.
- - Matt
On May 25, 2006, at 12:40 PM, John Kristoff wrote:
On Thu, 25 May 2006 12:11:16 -0400
Matthew Davy
<>
wrote:
-----BEGIN PGP SIGNED MESSAGE-----
NEW ABILENE MSDP FILTER
sources:
(0.0.0.0/0,*) Link Local Addresses
Do you mean 0.0.0.0/32 or perhaps even the entire reserved block of
0.0.0.0/8?
Bill's draft and Cisco list are not so up to date considering the
multicast swamp gets polluted quicker than anyone would like and I
am not actively maintaining the page I started for hardening anymore.
It sort of depends on where your priorities are for filtering. If
you want to cut down on bogus MSDPs, clearly filtering the reserved
/8's are going to make a much bigger difference than the control
plan overlapping /24's, but if you want be conservative then maybe
focus on rate limiting strategies to minimize state and flooding
explosion?
John
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
iD8DBQFEdeNslW/4XGQiy+sRAl6gAKDVoUmcAsztQoVPNTH8yHPppKVG2gCgx3/P
cQ/iPGSC/aIHWox2SKY2tss=
=syNh
-----END PGP SIGNATURE-----
- Proposed MSDP filtering changes on Abilene, Matthew Davy, 05/25/2006
- Re: Proposed MSDP filtering changes on Abilene, John Kristoff, 05/25/2006
- Re: Proposed MSDP filtering changes on Abilene, Matthew Davy, 05/25/2006
- Re: Proposed MSDP filtering changes on Abilene, David Farmer, 05/25/2006
- Re: Proposed MSDP filtering changes on Abilene, E Paul Love, 05/25/2006
- Re: Proposed MSDP filtering changes on Abilene, Stig Venaas, 05/29/2006
- Re: Proposed MSDP filtering changes on Abilene, Pekka Savola, 05/29/2006
- Re: Proposed MSDP filtering changes on Abilene, Matthew Davy, 05/30/2006
- Re: Proposed MSDP filtering changes on Abilene, Bill Owens, 05/30/2006
- Re: Proposed MSDP filtering changes on Abilene, Matthew Davy, 05/30/2006
- Re: Proposed MSDP filtering changes on Abilene, Marshall Eubanks, 05/30/2006
- Re: Proposed MSDP filtering changes on Abilene, Bill Owens, 05/30/2006
- Re: Proposed MSDP filtering changes on Abilene, David Farmer, 05/30/2006
- Re: Proposed MSDP filtering changes on Abilene, Matthew Davy, 05/30/2006
- Re: Proposed MSDP filtering changes on Abilene, Pekka Savola, 05/29/2006
- Re: Proposed MSDP filtering changes on Abilene, David Farmer, 05/25/2006
- Re: Proposed MSDP filtering changes on Abilene, Matthew Davy, 05/25/2006
- Re: Proposed MSDP filtering changes on Abilene, John Kristoff, 05/25/2006
Archive powered by MHonArc 2.6.16.