Anti-DDoS
Sanjeev Gupta
ghane0 at gmail.com
Mon Jul 4 01:25:04 UTC 2016
On Mon, Jul 4, 2016 at 2:50 AM, Hal Murray <hmurray at megapathdsl.net> wrote:
>
> Is there any good writeup on why BCP-38 is so hard to implement and/or why
> it
> isn't implemented more often? I assume it's money. Is the problem routers
> can't do it? (fast enough) Or maybe ISPs don't have their act together?
Speaking with my Data Centre consulting hat on, the reason seems to be that
BCP-38 requires me to spend resources, but it is my neighbours that benefit.
However, despite that, things are much better than they were in 2006.
About 80% of the IPv4 space is behind gateways that implement BCP-38 (this
figure has been constant since about 2012). See:
https://spoofer.caida.org/summary.php
It is not hardware (trivial load), or configuration (low maint once set
up), it is simply that the cost-benefit ratio is horrible. Costs are low,
but benefits are zero (or even negative, if you see your industry as a
zero-sum game).
--
Sanjeev Gupta
+65 98551208 http://www.linkedin.com/in/ghane
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntpsec.org/pipermail/devel/attachments/20160704/43bce6ce/attachment.html>
More information about the devel
mailing list