nanog mailing list archives
Re: BCP38 Deployment
From: Darius Jahandarie <djahandarie () gmail com>
Date: Wed, 28 Mar 2012 12:39:36 -0400
On Wed, Mar 28, 2012 at 12:16, Leo Bicknell <bicknell () ufp org> wrote:
Well, RFC3704 for one has updated the methods and tactics since BCP38 was written. Remember BCP38 was before even "unicast RPF" as we know it existed.
I think the concern of RFC3704/BCP84, i.e., multihoming, is the primary reason we don't see ingress filtering as much as we should. Almost any network worth its salt these days is multihomed, making strict RPF nearly impossible to pull off. Despite this, to my knowledge, Juniper is one of the only vendors that provides feasible-path RPF to deal with it. On Cisco and Brocade for example, you're stuck doing some dark voodoo magic with BGP weights & communities + strict RPF (refer to the previous money and laziness points) to accomplish something that SHOULD be basic. -- Darius Jahandarie
Current thread:
- BCP38 Deployment Bingyang LIU (Mar 28)
- Re: BCP38 Deployment Patrick W. Gilmore (Mar 28)
- Re: BCP38 Deployment Leo Bicknell (Mar 28)
- Re: BCP38 Deployment David Conrad (Mar 28)
- Re: BCP38 Deployment Bingyang LIU (Mar 28)
- Re: BCP38 Deployment Ray Soucy (Mar 28)
- Re: BCP38 Deployment Joe Greco (Mar 28)
- Re: BCP38 Deployment Leo Bicknell (Mar 28)
- Re: BCP38 Deployment Darius Jahandarie (Mar 28)
- Re: BCP38 Deployment David Conrad (Mar 28)
- Re: BCP38 Deployment Darius Jahandarie (Mar 28)
- Re: BCP38 Deployment Bingyang LIU (Mar 28)
- RE: BCP38 Deployment Drew Weaver (Mar 28)
- Re: BCP38 Deployment Leo Bicknell (Mar 28)
- Re: BCP38 Deployment Patrick W. Gilmore (Mar 28)
- Re: BCP38 Deployment Michael Thomas (Mar 28)
- Re: BCP38 Deployment Leo Bicknell (Mar 28)
- Re: BCP38 Deployment Michael Thomas (Mar 28)
- Re: BCP38 Deployment Leo Bicknell (Mar 28)
- Re: BCP38 Deployment Valdis . Kletnieks (Mar 28)
- Re: BCP38 Deployment David Conrad (Mar 28)