nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Network Operators and smurf

From: Dean Anderson <dean () av8 com>
Date: Fri, 24 Apr 1998 19:13:24 -0400
Well, there is a simple knob for this:

If the Knob is turned "ON", then any packet from a source address which is
not routed to the interface it came in on is dropped.

This works for static, dynamic, and all other kinds of routing.    It will
solve the problem and is trivial to implement - if any of the vendors care.


Doesn't work for asymetric networks, like satellites. But I agree, it might
be a good knob for the 80% solution.  The rest of the problems must still
rely on access lists.

                --Dean


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
           Plain Aviation, Inc                  dean () av8 com
           LAN/WAN/UNIX/NT/TCPIP/DCE      http://www.av8.com
           We Make IT Fly!                (617)242-3091 x246
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Previous By Date Next
Previous By Thread Next

Current thread: