----- Original Message ----- > From: "Joel Halpern" <j...@joelhalpern.com> > To: "Brian Turnbow" <b.turn...@twt.it> > Cc: nanog@nanog.org > Sent: Tuesday, November 8, 2022 10:03:20 AM > Subject: Re: BCP38 For BGP Customers
> There is work a tthe IETF on an addon to RPKI called ASPA. There is a > draft that describes how the combiantion of ASPA and RPKI can be used to > help with DDOS prevention. > > There is also a working group at the IETF called SAVNET that is looking > at what technological additions can be made to address the shortcomings > in BCP 38. In fairness, there is distinct disagreement as to what those > shortcomings are, and whether the ideas being presented can help. Input > from more operators would be great. (For completeness, I am a co-chair > of that working group.) Wait; people are actually trying to implement BCP38, still? :-} Cheers, -- jra > On 11/8/2022 9:39 AM, Brian Turnbow via NANOG wrote: >>> This may not exist yet, but what about a uRPF-like feature that uses RPKI, >>> IRR, >>> etc. instead of current BGP feed? >> >> There is rfc8704 that extends urpf >> But I do not know of any commercial available solutions -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274