[j-nsp] Filtering people pointing default

Richard A Steenbergen ras at e-gerbil.net
Sat Aug 2 00:19:04 EDT 2003


On Fri, Aug 01, 2003 at 08:57:26PM -0400, Jared Mauch wrote:
> On Fri, Aug 01, 2003 at 08:49:10PM -0400, Richard A Steenbergen wrote:
> > [...] The usefulness of such a 
> > feature knows no bounds in my eyes...
> 
> 	Juniper has implemented (Q-Pic [aka QPP]) dual and
> single GE mac accounting.
> 
> 	This can be done to count packets from peers across such
> multiaccess media.
> 
> 	You should contact Juniper directly about 10GE or other speed
> ethernet device support for mac accounting to get their latest plans
> of supporting such a feature.

Ignoring the price tag of QPP GigE PICs for the moment, and without
downplaying the importance of mac accounting for capacity engineering of
peers over public exchanges, that doesn't address the issue of existing
peers sending traffic to non-authorized routes. In the past people have
done a primitive form of filtering by using dedicated border routers
which only carry customer and internal routes, with a default to
null0/discard. Call me crazy but I'd rather just fix the software. :)

> 	It would also be useful IMHO if Juniper had in their ethernet
> interfaces the ability to log the mac address a packet came from (ala
> cisco log-input) but that is another discussion.

That too...

-- 
Richard A Steenbergen <ras at e-gerbil.net>       http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)


More information about the juniper-nsp mailing list