nanog mailing list archives
Re: Cisco says attacks are due to operational practices
From: Daniel Senie <dts () senie com>
Date: Fri, 11 Feb 2000 00:18:26 -0500
Sean Donelan wrote:
On Thu, 10 February 2000, Paul Ferguson wrote:Excuse me, but can you please tell me what "application" a downstream customer might be running which originates packets for traffic with source addresses which they are not advertising (or you are advertising for them)?The usual example given is Hughes DirectPC, which sends packets with a source address of the satellite link via a dialup ISP connection.
This is the same concept used in the original Mobile IP designs. They expected the Internet would only ever look at destination IP address when forwarding packets. When we wrote RFC 2267, this issue was raised. As a result, Mobile IP folks had to look at tunneling the return traffic. The right answer for DirectPC is the same. Tunnel the traffic so that it's on valid IP addresses. Using inappropriate source IP addresses for the network you're on is just not going to fly. We have the technology to deal with it. In the multihomed case, the upstream providers should be made aware, either via a BGP advertisement or telephone call or whatever. Blindly allowing all traffic from a multihomed customer isn't likely to be a good plan in the long run. -- ----------------------------------------------------------------- Daniel Senie dts () senie com Amaranth Networks Inc. http://www.amaranthnetworks.com
Current thread:
- Re: Cisco says attacks are due to operational practices, (continued)
- Re: Cisco says attacks are due to operational practices Vijay Gill (Feb 10)
- Re: Cisco says attacks are due to operational practices John M. Brown (Feb 10)
- Re: Cisco says attacks are due to operational practices Wayne Bouchard (Feb 10)
- Re: Cisco says attacks are due to operational practices Richard Steenbergen (Feb 10)
- Re: Cisco says attacks are due to operational practices Marc Slemko (Feb 10)
- Re: Cisco says attacks are due to operational practices Mark Milhollan (Feb 14)
- Re: Cisco says attacks are due to operational practices John M. Brown (Feb 10)
- Re: Cisco says attacks are due to operational practices Steve Sobol (Feb 10)
- RE: Cisco says attacks are due to operational practices Shawn Morris (Feb 10)
- Re: Cisco says attacks are due to operational practices Daniel Senie (Feb 10)
- Re: Cisco says attacks are due to operational practices Paul Ferguson (Feb 11)