In my uneducated opinion, it seems to me like there are much larger concerns out there than BGP security. I say uneducated because I haven't worked for an ISP, nor have I worked for any other organization that would run BGP. My BGP experience consists of reading and lab work, that's it. I'm a Cisco Network Academy instructor, and the majority of my experience is from lab work and consulting. I'm teaching my first CCNP Routing class starting next week, so any input from those in the know would be appreciated. Hell, I'll appreciate input from those not in the know, I'm not picky... just don't expect me to take it as gospel truth.
When I tell a router to peer with another BGP speaker, I can put restrictions on it. I can tell it what AS paths I'll accept from that peer, and what prefixes I'll accept from that peer. If I'm an ISP peering with a customer who has the class C network 210.5.5.0 assigned to them, do I not have a responsibility to configure my BGP router to ignore any BGP advertisements from that customer that are not advertising 210.5.5.0? I know that no one is going to hold me to it, it's not like the IETF has a squad of mercenaries who are going to kick the door in and check my configs, but doesn't that responsibility fall to both the customer and the ISP? Sorry if I'm off base here, but that's my basic understanding of how things work; the customer has a responsibility to only advertise their networks, and the ISP has a responsibility to only accept advertisements for that customer's networks. Does the same relationship exist among ISPs, or do things get too complex to filter updates at that point? It seems like the "security hole" in BGP is the human that configures a BGP router to accept any route it gets. Thoughts? Hal Logan CCAI, CCDP, CCNP: Voice Network Specialist / Adjunct Faculty Computing & Engineering Technology Manatee Community College > -----Original Message----- > From: Edwin R. Gonzalez [mailto:[EMAIL PROTECTED] > Sent: Friday, February 28, 2003 11:39 PM > To: [EMAIL PROTECTED] > Subject: Who likes BGP? [7:64132] > > > Hey, > > It's your friendly neighborhood CISCO MAN!!!!! > Sorry, it's Friday night, I'm still at work with a coffee > buzz that might last me until the morning. > > I came across this article that might be of interest to > some people, check it out; > http://news.com.com/2100-1009-990608.html?tag=fd_lede1_hed > > > > -- > _________________________________ > The harder you work, the luckier you get! > _________________________________ > The only place success comes before > work is in the dictionary!!! > _________________________________ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64153&t=64132 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
