identify hostname

You don't need a tool. People already have provisioning/configuration tools
or are doing it by hand. Whichever is the case, just add a rule to your
customers interface. You know when you configure the interface what the
mask is and what the broadcast is. All you need to do is add an access
list entry which applies to that customers interface.

The only real problem with this approach is customers which have large
blocks. If you have a /16, you are almost certainly not using x.y.255.255
as a broadcast. It is hard to know or predict what their subnet strategy
might be, but for such customers, you probably don't really need to worry,
and can expect a higher clue level from them. They can put their own
filters in place.

    --Dean

That works fine as long as you either manage your customers' equipment or
your customers don't subnet blocks you give them. However, in real-world
experience, neither of those apply, especially to a larger ISP/NSP (UUNet
was mentioned in this thread at the beginning).

It certainly doesn't hurt to put in access-list's where you can, to reduce
the problem, but that is not a scalable solution. It is an incredible
management nightmare, especially if you're having to keep track of
autonomous customer routing changes. Not to mention that it adds to the
burden of tracking down problems (imagine a DHCP server which assignes
what used to be a broadcast address, but is no longer because the subnets
were combined, and everytime a machine gets that address, it can't get
outside the network because the administrator hasn't updated the
5,000-line access-list).

Pete.

I've got to go with Pete K. on this one. In our current, cidr-ized world, it
is simply not possible for an upstream provider to determine what is, or is
not, a broadcast address in a downstream network. This is something that needs
to be implemented from the edge in, not from the core out.

I've got to go with Pete K. on this one. In our current, cidr-ized world, it
is simply not possible for an upstream provider to determine what is, or is
not, a broadcast address in a downstream network. This is something that

needs

to be implemented from the edge in, not from the core out.

I agree that it is difficult if not impossible to implement at the core.
One would think that having an extra 30 - 155Mb of traffic on their network
that they're paying to transit to the world would motivate them to take a
look at the edge/customer router(s) that are allowing the broadcast
however. I would certainly let one of our customers know that it is in
their best interest to either implement the filters/access lists or give us
a map of their subnetting and let us do it for them.

- ------------------------------------------------------------------
Get your *FREE* Parked Domain account at http://www.EZ-Hosting.Com
- ------------------------------------------------------------------
John Fraizer | __ _ |
The System Administrator | / / (_)__ __ ____ __ | The choice
mailto:John.Fraizer@EnterZone.Net | / /__/ / _ \/ // /\ \/ / | of a GNU
http://www.EnterZone.Net/ | /____/_/_//_/\_,_/ /_/\_\ | Generation
PGP Key fingerprint = 7DB6 1CA2 DAA6 43DA 3AAF 44CD 258C 3D7E B425 81A8