That's helpful, but even as an RFC people still have to be aware that
the problem exists before they do anything about it. A typical person
that I deal with would be a small networking integrator that is selling
Bay routers to school districts. This is not somebody who reads
RFCs, and most of them don't have any idea what issues face the
Internet today. I'm not sure what we can do, but this is one of the
types of people that severely need the education. I guess it probably
falls back on the vendors here to educate their resellers and customers.
Ideally, ingress filtering would be applied as close to the edges as possible.
This, for obvious reasons (one of which you pointed out above), isn't
feasible. What is feasible is that all providers that possess some amount of
cluefulness (this should cover *most* at the public exchanges), deploy
ingress filtering on their customer connections.
IMO, vendors should only be accountable for providing mechanisms to put these
policies in place, most of which already exist. It's the responsibility of
the participants of groups such as this to see that those policies are
deployed.
-danny