(6bone) Ingress filtering (was: asymmetric routing)
Michel Py
michel@arneill-py.sacramento.ca.us
Thu, 31 Jan 2002 15:56:26 -0800
folks,
> Dave Wilson wrote:
> (2) There are some ISPs who may negotiate with the customer to
> allow it, as a service?
> I do not propose that we require ISPs to carry asymmetric traffic.
> Is it still worthwhile to develop multihoming solutions that are
> available to those that do?
This is a dangerous and slippery slope, because the next step would
be to break aggregation to get routes to the DMZ.
>> Dave Wilson wrote:
>> These are separate considerations, however. Forwarding traffic
>> with a source address that is not your own, for good or ill,
>> doesn't harm the routing table in the same way that unaggregated
>> advertisements do, and so it seems to me it's entirely compatible
>> with (or agnostic of) the principle of strict aggregation.
> Pekka Savola wrote:
> Yes, but forwarding when not advertising can lead to unexpected
> results; e.g. _any_ router discarding the packets due to failing
> ingress filtering checks.
Concur.
> Jan Oravec wrote:
> Again, it's not 'other provider's traffic', it's 'customer's traffic'.
> The example: you have two post offices - A and B.
> I want to send letter to someone. The post office A has better prices
> for this destination, but I want to get response to my p.o.box at
> office B. So I write return-address to 'B' on letter. I pay some money
> to A for sending the letter. (and I pay some money to B for my p.o.
> box) Yes, they cannot check whether my 'B' address is regular or not.
> The question is: Shall they reject delivery ?
No, and it works for two reasons:
1. A and B have agreements.
2. B is getting paid twice, once by you and once by the buddy that
replies to you that buys a stamp.
You are making the same point as Dave, above. You could, indeed, cut a
deal with both ISPs requesting that they both allow each other traffic
trough.
Again, this is a slippery slope. Then the two ISPs are going to exchange
routes, then they are going to advertise each other's routes and break
aggregation, and then we are in the same mess.
> Ville wrote:
> what are we to pick for people what they want. If neither
> discouraged nor eliminated by protocol-design, the provider
> itself is left with all choices as to what to and what not to
> offer for his/her own clients.
I am a protocol designer. One of the reasons I read and post to the
6bone mailing list is to get a feeling of how features or requirements
will be perceived by the 6bone community, so I can decide to
incorporate or not these features/requirements in my protocol.
Michel.