Is there some other method which would be as effective to destroy a
specific net's connectivity to the majority of the net? A few come to
mind right now:
1) ip route <luser's address & mask> null0
Deliberate injection of bogus routes is the reason sufficient
to disconnect from the provider who's doing that completely.
*No* serious ISP will ever want to unleash the routing wars.
2) ip filtering:
- Probably uses more CPU than #1, but doesn't screw
with the routing tables.
You may want to ask Sean to send you a copy of SL-MAE-E's configuration.
There already are *huge* filter lists, just to maintain sanity of
routing.
I doubt you're going to need to add many filters
Heh. Never underestimate the laziness (overworkiness, underpaidness,
or just plain cluelessness) of netadmins.
Seriously, there are people which still believe that CIDR is a
conspiracy.
As far as who will run the programs to check for this, I'm sure that a
suitable home for the tools necessary could be found.
It is not the tools, it is the politics. Getting rid of nukes
completely is a nice goal. Does anybody seriously think it can
be done today? Not until we see the last of Kings and Presidents
(not mentioning Senators and other Servants of the people).
A net.politzai is a very unrewarding role, potentially leading
to real lawsuits. Passive filtering with well-announced policy
at least gives no food for lawyers. Sprint's policies are
a result of extensive consultations between engineering, marketing
and legal people (and activist customers), and is a way for Sprint
to protect its own network from the routing collapse.
--vadim
Not speaking for Sprint.