asymmetric routing
Sandy Wills
willss@mediaone.net
Mon, 28 Jan 2002 05:42:28 -0500
(Please forgive me if I'm missing something basic, here. I am familiar
with IPv4 from the end user and LAN manager point of view. I subscribed
to the 6bone mailing list for the education I'm getting.......)
JOIN Project Team wrote, replying to Francis Dupont:
> > Basically RFC 2827 / BCP 38 about Ingress Filtering should be used
> > for IPv6 too. There are two ways to do ingress filtering: access lists
> > and unicast RPF.
>
> I don't think it's that easy. Please keep in mind, that a site/customer
> might be multihomed. In that case he might use a different prefix from that
> assigned by the upstream provider as source address.
>
> Yes, one could filter all but those prefixes a customer holds, but then the
> customer has to name all his providers/prefixes. You can't force a customer
> to do so, because that information might be confidential.
Isn't this reasoning flawed? Customer #1 has prefix A. You let that
traffic through. Customer #2 has prefixes X, Y and Z - but he doesn't
want you to know about Z because he's afraid that you won't like him.
So, you let through traffic with prefixes X and Y. Stop Z. Traffic Z,
if any, will go through some other provider, or it won't go through.
You're not forcing anyone to do anything.
What am I missing? You can limit the prefixes you allow to those
your customers tell you about. Your customers can have more than one
feed, and he doesn't have to tell you everything.
You're not forcing anyone to do anything. He is forcing himself to
pay for routers and network people which can direct his traffic out the
proper cables, and HE is the one who suffers if HE screws it up. He
does NOT have the right to force you to enable routing loops because his
routers got confused.
--
: Unable to locate coffee. Operator halted.