nanog mailing list archives

Re: Loose Source Routing

From: Jared Mauch <jared () puck Nether net>
Date: Tue, 6 Mar 2001 14:40:13 -0500


On Tue, Mar 06, 2001 at 09:49:47AM -0800, David McGaugh wrote:

What are people's feelings on loose source routing? The general
sentiment around here is that it is a very evil thing. The reason I ask
is that there is a certain network out there (who will remain nameless)
who refuses to peer unless loose source routing is enabled. I can
somewhat understand their reasoning (they can reroute traffic on OUR
network as necessary) but the security implications far out way the
benefits. Not only this I'm not comfortable with an outside source
having control over routing on our network anyway.


        Huh?

        The reason to permit this is to verify peering policy.  This
allows people to traceroute to verify packet path.  Example:
I announce 172.16.0.0/16 only.  I want to verify that you are not
pointing default at me, so I can do a loose source 
traceroute to 10.0.0.0 via the peering point.

        Most peoples peering policies that I'm aware of only required that
it be enabled at the edge (peering/nap router).

        - Jared

--
Jared Mauch  | pgp key available via finger from jared () puck nether net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.

Current thread:

Loose Source Routing David McGaugh (Mar 06)
- Re: Loose Source Routing Jared Mauch (Mar 06)
- Re: Loose Source Routing Alan Hannan (Mar 06)
- Re: Loose Source Routing Randy Bush (Mar 06)
  - Re: Loose Source Routing David McGaugh (Mar 06)
  - RE: Loose Source Routing Walters (Mar 06)
    - Re: Loose Source Routing Kevin Oberman (Mar 07)
    - Re: Loose Source Routing John Hawkinson (Mar 07)
- <Possible follow-ups>
- RE: Loose Source Routing Mark Borchers (Mar 06)
- Re: Loose Source Routing smd (Mar 06)
  - Re: Loose Source Routing Vadim Antonov (Mar 06)
    - Re: Loose Source Routing Valdis . Kletnieks (Mar 06)

(Thread continues...)