nanog mailing list archives
Re: Another question on rfc1918
From: Randy Bush <randy () psg com>
Date: Sat, 24 Nov 2007 02:54:03 +0300
aloha michael,
i realize that good practice many not be general practice, but ...
lsr is encouraged at routers bordering with bgp peers for debugging
purposes, i.e. so that A may learn B's routing towards C without
calling/writing/bothering B's engineers.
but lsr really should be blocked at hosts, e.g.
# grep lsr /etc/ipfw.rules
add deny log all from any to any ipoptions ssrr,lsrr,rr
i am not aware of a similar common use case for ssr.
randy
Current thread:
- General question on rfc1918 Drew Weaver (Nov 13)
- Re: General question on rfc1918 Joe Abley (Nov 13)
- RE: General question on rfc1918 Darden, Patrick S. (Nov 13)
- Re: General question on rfc1918 Justin M. Streiner (Nov 13)
- RE: General question on rfc1918 Drew Weaver (Nov 13)
- Re: General question on rfc1918 Joe Greco (Nov 13)
- Re: General question on rfc1918 Sean Donelan (Nov 13)
- Another question on rfc1918 Michael Painter (Nov 23)
- Re: Another question on rfc1918 Robert E. Seastrom (Nov 23)
- Re: Another question on rfc1918 Randy Bush (Nov 23)
- Re: Another question on rfc1918 Bruce M Simpson (Nov 24)
- <Possible follow-ups>
- Re: General question on rfc1918 Robert Bonomi (Nov 13)
- Re: General question on rfc1918 Joe Abley (Nov 13)
- Re: General question on rfc1918 Phil Regnauld (Nov 13)
- Re: General question on rfc1918 Joe Abley (Nov 13)
- Re: General question on rfc1918 Paul Ferguson (Nov 13)