nanog mailing list archives
RE: Force10 Gear - Opinions
From: "James Jun" <james () towardex com>
Date: Thu, 4 Sep 2008 10:24:53 -0400
uRPF strict as a configuration default, on customers without possible asymmetry (multihoming, one-way tunneling, etc) is not a bad default. But when the customers increase in complexity, the time might come to relax things some. It's certainly not a be-all-end-all. And it's been demonstrated time after time here that anti-spoof/bogon filtering isn't even a factor in most large-scale attacks on the public Internet these days. Think massively sized, well connected, botnets. See also CP attacks (which, again, the F10 can't even help you with).
Indeed... In today's internet, protecting your own box (cp-policer/control plane filtering) is far more important IMO than implementing BCP38 when much of attack traffic comes from legitimate IP sources anyway (see botnets). james
Current thread:
- Re: Cisco uRPF failures, (continued)
- Re: Cisco uRPF failures Brandon Ewing (Sep 13)
- Re: Cisco uRPF failures Saku Ytti (Sep 13)
- RE: Cisco uRPF failures Tom Zingale (tomz) (Sep 15)
- Re: Force10 Gear - Opinions Brian Feeny (Sep 03)
- Re: Force10 Gear - Opinions Jo Rhett (Sep 03)
- Re: Force10 Gear - Opinions Paul Wall (Sep 04)
- Re: Force10 Gear - Opinions Mark Tinka (Sep 04)
- uRPF Jo Rhett (Sep 04)
- Re: uRPF Mark Tinka (Sep 04)
- Re: Force10 Gear - Opinions Paul Wall (Sep 04)
- Re: Force10 Gear - Opinions Dave Israel (Sep 04)
- RE: Force10 Gear - Opinions James Jun (Sep 04)
- BCP38 dismissal Jo Rhett (Sep 04)
- Re: BCP38 dismissal John C. A. Bambenek (Sep 04)
- Re: BCP38 dismissal Jo Rhett (Sep 04)
- Re: BCP38 dismissal Patrick W. Gilmore (Sep 04)
- Re: BCP38 dismissal Jo Rhett (Sep 04)
- Re: BCP38 dismissal Patrick W. Gilmore (Sep 04)
- RE: BCP38 dismissal michael.dillon (Sep 04)
- RE: BCP38 dismissal James Jun (Sep 04)
- Re: BCP38 dismissal Paul Wall (Sep 04)
- Re: BCP38 dismissal Jo Rhett (Sep 04)