nanog mailing list archives
Re: Land and Cisco question
From: Randy Bush <randy () psg com>
Date: Sun, 23 Nov 97 07:37 PST
for each interface on a router block tcp which is both to and from that interfaceI don't think that's sufficient. What about spoofed packets arriving via interface A, with IP source and destination both set to the address of interface B?no ip source-route should fix it.
<insert replay of we don't peer with LSR inhibitors discussion> Though temp inhibit until YFRV deploys fixed code is understandable. randy
Current thread:
- Land and Cisco question Hank Nussbacher (Nov 22)
- Re: Land and Cisco question John Bashinski (Nov 22)
- <Possible follow-ups>
- Re: Land and Cisco question Hank Nussbacher (Nov 22)
- Re: Land and Cisco question Randy Bush (Nov 22)
- Re: Land and Cisco question Alex Bligh (Nov 22)
- Re: Land and Cisco question Paul Ferguson (Nov 22)
- Re: Land and Cisco question Alan Barrett (Nov 23)
- Re: Land and Cisco question Joe Shaw (Nov 23)
- Re: Land and Cisco question Randy Bush (Nov 23)
- why not peer with LS disabling networks ? Lyndon Levesley (Nov 23)
- Re: why not peer with LS disabling networks ? John Hawkinson (Nov 23)
- Re: why not peer with LS disabling networks ? Randy Bush (Nov 23)
- Re: why not peer with LS disabling networks ? Paul Ferguson (Nov 24)
- Re: why not peer with LS disabling networks ? Network Operations Center (Nov 24)
- Re: why not peer with LS disabling networks ? John Hawkinson (Nov 24)
- Re: why not peer with LS disabling networks ? Neil J. McRae (Nov 25)
- Re: Land and Cisco question Randy Bush (Nov 22)
- Re: Land and Cisco question Dean Anderson (Nov 24)
- Re: Land and Cisco question Greg A. Woods (Nov 24)