nanog mailing list archives

RE: Force10 Gear - Opinions

From: "James Jun" <james () towardex com>
Date: Thu, 4 Sep 2008 10:24:53 -0400

uRPF strict as a configuration default, on customers without possible
asymmetry (multihoming, one-way tunneling, etc) is not a bad default.
But when the customers increase in complexity, the time might come to
relax things some.  It's certainly not a be-all-end-all.  And it's
been demonstrated time after time here that anti-spoof/bogon filtering
isn't even a factor in most large-scale attacks on the public Internet
these days.  Think massively sized, well connected, botnets.  See also
CP attacks (which, again, the F10 can't even help you with).


Indeed... In today's internet, protecting your own box (cp-policer/control
plane filtering) is far more important IMO than implementing BCP38 when much
of attack traffic comes from legitimate IP sources anyway (see botnets). 

james

Current thread:

Re: Cisco uRPF failures, (continued)
- - - Re: Cisco uRPF failures Brandon Ewing (Sep 13)
    - Re: Cisco uRPF failures Saku Ytti (Sep 13)
    - RE: Cisco uRPF failures Tom Zingale (tomz) (Sep 15)
    - Re: Force10 Gear - Opinions Brian Feeny (Sep 03)
- Re: Force10 Gear - Opinions Jo Rhett (Sep 03)
  - Re: Force10 Gear - Opinions Paul Wall (Sep 04)
    - Re: Force10 Gear - Opinions Mark Tinka (Sep 04)
    - uRPF Jo Rhett (Sep 04)
    - Re: uRPF Mark Tinka (Sep 04)
    - Re: Force10 Gear - Opinions Dave Israel (Sep 04)
    - RE: Force10 Gear - Opinions James Jun (Sep 04)
    - BCP38 dismissal Jo Rhett (Sep 04)
    - Re: BCP38 dismissal John C. A. Bambenek (Sep 04)
    - Re: BCP38 dismissal Jo Rhett (Sep 04)
    - Re: BCP38 dismissal Patrick W. Gilmore (Sep 04)
    - Re: BCP38 dismissal Jo Rhett (Sep 04)
    - Re: BCP38 dismissal Patrick W. Gilmore (Sep 04)
    - RE: BCP38 dismissal michael.dillon (Sep 04)
    - RE: BCP38 dismissal James Jun (Sep 04)
    - Re: BCP38 dismissal Paul Wall (Sep 04)
    - Re: BCP38 dismissal Jo Rhett (Sep 04)

(Thread continues...)