Hey,

> All stub autonomous systems should have a simple egress ACL allowing only PI 
> of their customers and their own PAs - it’s a simple ACL at each AS-Exit 
> point (towards transits/peers), that’s it.
>
> - not sure why this isn’t the first sentence in every BCP and “security 
> bulletin”…

I will venture a guess.

  1) it's a very specific scenario to be stubby and have downstream PI
  2) it won't address customers spoofing each other arbitrarily, and
customer1 spoofing as customer2 on the internet gives a large chunk of
the utility of spoofing even with the protection in place

How do you maintain that ACL? Why doesn't that same mechanism allow an
ingress ACL on the customer port? Your proposal looks low utility for the
work needed.


-- 
  ++ytti
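Added example (not part of the thread, not anyone's production config): a small Python model of the two filters being argued about, an AS-exit egress ACL that permits own PA plus all customers' PI versus a per-customer-port ingress ACL. The prefixes and packets are constructed from documentation ranges; it shows which spoofed packets the egress-only ACL still forwards.

```python
"""Compare an egress-only anti-spoofing ACL with a per-port ingress ACL.
Topology, prefixes and packets are constructed sample values."""
import ipaddress
from typing import Dict, List, Tuple

# Constructed stub AS: its own PA block and two customers with PI blocks.
OWN_PA = [ipaddress.ip_network("198.51.100.0/24")]
CUSTOMER_PI: Dict[str, List[ipaddress.IPv4Network]] = {
    "cust1": [ipaddress.ip_network("203.0.113.0/25")],
    "cust2": [ipaddress.ip_network("203.0.113.128/25")],
}

# Constructed traffic: (ingress customer port, source address claimed).
SAMPLE_PACKETS: List[Tuple[str, str]] = [
    ("cust1", "203.0.113.10"),    # cust1 using its own PI: legitimate
    ("cust1", "203.0.113.200"),   # cust1 spoofing cust2's PI
    ("cust1", "192.0.2.5"),       # cust1 spoofing an unrelated prefix
    ("cust1", "198.51.100.7"),    # cust1 spoofing the stub AS's own PA
]


def _in_any(src: str, nets: List[ipaddress.IPv4Network]) -> bool:
    addr = ipaddress.ip_address(src)
    return any(addr in n for n in nets)


def egress_acl_permits(src: str) -> bool:
    """ACL from the quoted proposal, applied at the AS exit: permit own PA
    and every customer's PI. It cannot see which port the packet entered."""
    allowed = OWN_PA + [n for nets in CUSTOMER_PI.values() for n in nets]
    return _in_any(src, allowed)


def ingress_acl_permits(port: str, src: str) -> bool:
    """Per-customer-port ingress ACL: permit only that customer's prefixes."""
    return _in_any(src, CUSTOMER_PI.get(port, []))


def egress_only_leaks(packets: List[Tuple[str, str]]) -> List[Tuple[str, str]]:
    """Packets the exit ACL forwards but the port ACL would drop: the
    customer-on-customer spoofing the reply above is pointing at."""
    return [(port, src) for port, src in packets
            if egress_acl_permits(src) and not ingress_acl_permits(port, src)]


if __name__ == "__main__":
    for port, src in SAMPLE_PACKETS:
        print(f"{port} -> {src:15} egress={egress_acl_permits(src)!s:5} "
              f"ingress={ingress_acl_permits(port, src)}")
    print("forwarded by egress ACL only:", egress_only_leaks(SAMPLE_PACKETS))
```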
