nanog mailing list archives
Re: Advisory - tunneling of IP at exchange points.
From: Lyndon Levesley <lol () gxn net>
Date: Tue, 25 Nov 1997 17:03:01 +0000
On Tue, 25 Nov 1997 at around 11:44:17, "JS" == Jeff Swinton penned:
JS> Maybe I'm missing something, but couldn't you block this with routing JS> as well? The attack seems to be based on the fact that your NAP routers have JS> routes to other NAP LANs. JS> Let's say you connect to just MAE-E and MAE-W. At MAE-E, add a route JS> for the MAE-W network to null0. Do the opposite at MAE-W. While this may JS> not JS> work for everyone, is should work for the majority. It may also be more JS> pleasant then adding filters to a high speed interface. No - this would involve much more work than that. Take the case of (ME peers)---[ME router]======[MW router]------(MW peers) all sitting inside the same AS. (put as many routers as you like in between them or in other parts of your network - it still holds) The next hop that "MW router" sees for a ME peer's route would be the address of that peer *on the ME LAN*. In general, any router that speaks iBGP needs to know a route to every exit point of every other iBGP router. You /could/ do this differently I suppose but it would be a ridiculous amount of work and it would make debugging problems somewhat harder. JS> Jeff Swinton Cheers, Lyndon Levesley GX Networks -- Penis Envy is a total Phallusy.
Current thread:
- Advisory - tunneling of IP at exchange points. Paul Thornton (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. Neil J. McRae (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. Lyndon Levesley (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. Jeff Swinton (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. Lyndon Levesley (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. Jeff Swinton (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. Alex Bligh (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. Lyndon Levesley (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. bmanning (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. Neil J. McRae (Nov 25)
- <Possible follow-ups>
- RE: Advisory - tunneling of IP at exchange points. Dave Van Allen (Nov 26)
- RE: Advisory - tunneling of IP at exchange points. Craig A. Huegen (Nov 26)
- RE: Advisory - tunneling of IP at exchange points. Dave Van Allen (Nov 26)