Smurfing and IP filtering

Thus spake Steven J. Sobol

There is an RFC recommendation for the router.

Why is there no RFC describing the policy (mandatory!) for the ISP?

An RFC is a recommendation. A typical RFC usually ends up being a de-facto
standard, however it does not have the force of law.

Backbone operators have to start putting pressure on their downstreams to
fix their router configs. The downstreams have to put pressure on THEIR
downstreams, etc. The only way to get everyone to fix their routers is to
write clauses into contracts saying "if your network ends up being a smurf
amplifier, and we find that your routers are misconfigured, you will be
disconnected from the Net without any kind of refund or credit for your
downtime, and you will remain down until you fix things."

That, and education, will do the trick.

True, but publishing an RFC to add some weight to that might help in
that education effort and help the upstreams convince their downstreams
that it needs to be done. A well written RFC might also be a document
that the upstreams could send to the downstreams to help them understand
actually what's going on with the situation and help them understand why
it needs to be fixed (why in the greater overall good scheme of things,
though why in the "do this or we're axing your connection" will help as
well). If the issues are outlined in a nice format that people can
read, I suspect you'll get less opposition from downstreams that don't
want to muck with their already fine (as far as their performance can
tell) router configs.

While I, and threatening to ax connections *should* do
the trick, the sad truth here is that before you can deal with router
configs, you're dealing with humans in these organizations that you have
to convince this is a good thing to do. I believe that an RFC would
*help* to do that. No, it shouldn't be necessary, but if there's very
little downside to it (and I don't see much downside to publishing an
RFC...maybe a Best Current Practices or something), and there's some
upside to it in that it might help convince some recalcitrant or
ignorant network operators out there to change their router
configs...well then, I say, let's do it.

>That, and education, will do the trick.

How do you educate your son to drive the car?
Let's say _the ISP is your son, the Internet is your own town_.
Do you allow him to drive the car on the crowded streets?