Re: OpenNTPProject.org

["Dobbins, Roland" <rdobbins () arbor net>]

On Jan 15, 2014, at 12:05 AM, Saku Ytti <saku () ytti fi> wrote:

> (We do BCP38 on all ports and verify programmatically, but I know it's not at all practical solution globally for 
> access).

Anti-spoofing is eminently practical for most types of access network topologies using even slightly modern equipment; 
uRPF, ACLs, cable IP source verify, DHCP Snooping (which works just fine with fixed-address hosts), PACLs/VACLs, et. 
al. are some of the more prevalent mechanisms available.

In point of fact, anti-spoofing is most useful and most practical at the access-network edge, or as close to it as 
possible.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>

          Luck is the residue of opportunity and design.

                       -- John Milton