On 4/24/14, 6:54 PM, K7VE - John wrote:
I think the better model is BGP "nodes"
which provide VPN to subnets.
The BGP node admins would provide the VPN authentication to know what
subnets were attaching and BGP would provide Internet connectivity
(including subnets).
+1
I trust my VPN users and announce via BGP to the global routing table. If you
want to trust my routes cool, if not that's cool too.
I think everyone is over-thinking this. It does no good if the majority of
traffic over 44net allocations is ping and traceroute. Let shit flow and see
what happens.
IF some one starts abusing it, shut it down and fix it. It's like a repeater
when there is a jammer. Once you're aware of it, you shut it down till they
go away and you're not liable for it.
--
Bryan Fields
727-409-1194 - Voice
727-214-2508 - Fax
http://bryanfields.net