| 1 |
(Sorry for the top-post...I'm mobile atm.) |
| 2 |
|
| 3 |
My understanding is that core network operators filter ASs for which they |
| 4 |
don't have a contract for transit. I.e, if I were to get my own PI space, |
| 5 |
I'd have to pay tier 1 networks (or pay someone to ride on *their* |
| 6 |
contract) for a contract to have packets destined for my AS to be able to |
| 7 |
reach me across their network. |
| 8 |
|
| 9 |
ZZ |
| 10 |
On Feb 18, 2012 1:04 PM, "Pandu Poluan" <pandu@××××××.info> wrote: |
| 11 |
|
| 12 |
> On Sat, Feb 18, 2012 at 23:18, Michael Mol <mikemol@×××××.com> wrote: |
| 13 |
> > |
| 14 |
> |
| 15 |
> ---- >8 snippage |
| 16 |
> |
| 17 |
> > |
| 18 |
> > And it's not so easy to take the Internet down with injected BGP |
| 19 |
> > routes any more, either; most network operators apply some sort of |
| 20 |
> > filtering. |
| 21 |
> > |
| 22 |
> |
| 23 |
> Yes, there *are* filters against injecting BGP from non-trusted sources. |
| 24 |
> |
| 25 |
> But if the government somehow controls a Network Service Provider |
| 26 |
> (NSP, the maintainers of Internet backbones), they can easily poison |
| 27 |
> the BGP updates. Routers connected to the NSP will happily accept the |
| 28 |
> poisoned updates since they rely on the NSP to provide "big picture" |
| 29 |
> traffic management. |
| 30 |
> |
| 31 |
> Rgds, |
| 32 |
> -- |
| 33 |
> FdS Pandu E Poluan |
| 34 |
> ~ IT Optimizer ~ |
| 35 |
> |
| 36 |
> • LOPSA Member #15248 |
| 37 |
> • Blog : http://pepoluan.tumblr.com |
| 38 |
> • Linked-In : http://id.linkedin.com/in/pepoluan |
| 39 |
> |
| 40 |
> |
Archives