![nanog logo](/images/nanog-logo.png)
nanog mailing list archives
Re: I didn't make it up to the microphone quick enough...
From: "Craig A. Huegen" <chuegen () quadrunner com>
Date: Tue, 9 Jun 1998 07:24:54 -0700
On Tue, Jun 09, 1998 at 10:16:10AM -0400, Alex Rubenstein wrote: ==>I have a question about the ip reverse-path verification. Obviously, it ==>won't work very well in asymetric multi-homed environment. But, the ==>usefullness could be there (even limitedly) if you could at least filter ==>packets that have source address which does not exist in the routing table ==>_at all_ (irregardless of ingress or egress interface). ==> ==>Is this something that could be implemented easily? It would be another limited-functionality implementation -- it would work, but there are some cases under which it breaks -- consider the case where everything is summarized to default, or you only feed a default to edge devices that don't need the full table. Now, that wouldn't work in a smurf case because the source address *does* exist -- it's your target. It would help those cases where people are hit with, say, boink/bonk/etc. /cah
Current thread:
- I didn't make it up to the microphone quick enough... Alex Rubenstein (Jun 09)
- Re: I didn't make it up to the microphone quick enough... Craig A. Huegen (Jun 09)
- Re: I didn't make it up to the microphone quick enough... Jared Mauch (Jun 09)
- Re: I didn't make it up to the microphone quick enough... Alec H. Peterson (Jun 09)
- Re: I didn't make it up to the microphone quick enough... John Hawkinson (Jun 09)
- Re: I didn't make it up to the microphone quick enough... Alec H. Peterson (Jun 09)