nanog mailing list archives
Re: large BCP38 compliance testing
From: Jared Mauch <jared () puck nether net>
Date: Thu, 2 Oct 2014 14:18:03 -0400
On Oct 2, 2014, at 8:37 AM, Roland Dobbins <rdobbins () arbor net> wrote: So, the problem is that those networks which are likely to implement the various topologically-appropriate at the various edges of their network are likely to have done so. And by definition, the endpoint networks where the spoofed traffic originates aren't likely to do so, nor are their immediate peers/upstream transits - or they would've done so long ago.
We have not seen support from other customers of our vendors for these features in RFI/RFP. It has taken us sometimes a year (or more) to get software fixes for uRPF related defects. The network performance can be impacted for all users due to the penalty by turning on uRPF as well, so it’s not even technically viable if you want line-rate from certain hardware sets. (See RFI/RFP). I’ve tried to collect a list of other interested parties to include this in their purchasing process with 0 takers so have put this on the back burner and just kept measuring networks that permit spoofed packets instead. It’s like any other things (e.g.: BGP hygiene), many people don’t invest the time/though/resources to cause the necessary impact. - Jared
Current thread:
- Re: large BCP38 compliance testing, (continued)
- Re: large BCP38 compliance testing Mikael Abrahamsson (Oct 02)
- Re: large BCP38 compliance testing Nick Hilliard (Oct 02)
- Re: large BCP38 compliance testing Jérôme Nicolle (Oct 02)
- Re: large BCP38 compliance testing Barry Greene (Oct 02)
- Re: large BCP38 compliance testing Nick Hilliard (Oct 02)
- Re: large BCP38 compliance testing Andrei Robachevsky (Oct 02)
- Re: large BCP38 compliance testing Jérôme Nicolle (Oct 02)
- Re: large BCP38 compliance testing Alain Hebert (Oct 02)
- Re: large BCP38 compliance testing Roland Dobbins (Oct 02)
- Re: large BCP38 compliance testing Alain Hebert (Oct 02)
- Re: large BCP38 compliance testing Roland Dobbins (Oct 02)
- Re: large BCP38 compliance testing Jared Mauch (Oct 02)
- Re: large BCP38 compliance testing Roland Dobbins (Oct 02)
- Re: large BCP38 compliance testing Jay Ashworth (Oct 03)
- Re: large BCP38 compliance testing Alain Hebert (Oct 06)
- Re: large BCP38 compliance testing Jay Ashworth (Oct 12)
- Re: large BCP38 compliance testing Roland Dobbins (Oct 02)
- Re: large BCP38 compliance testing Jimmy Hess (Oct 05)
- Re: large BCP38 compliance testing Octavio Alvarez (Oct 20)
- Re: large BCP38 compliance testing Roland Dobbins (Oct 02)
- Re: large BCP38 compliance testing Rich Kulawiec (Oct 02)