nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: BCP38 dismissal

From: Greg Hankins <ghankins () mindspring com>
Date: Thu, 4 Sep 2008 14:12:56 -0400
On Thu, Sep 04, 2008 at 01:14:20PM -0400, Paul Wall wrote:

On Thu, Sep 4, 2008 at 12:45 PM, Jo Rhett <jrhett () netconsonance com> wrote:

I'm sorry, but nonsense statements such as these burn the blood.  Sure, yes,
protecting yourself is so much more important than protecting anyone else.

Anyone else want to stand up and join the "I am an asshole" club?


uRPF is important.  But all the uRPF in the world won't protect you
against a little tcp/{22,23,179} SYN aimed at your Force 10 box.

Ya know what I mean?


Hey Paul, would you be able to demonstrate this problem?  I'd like to see
it so that we can investigate and fix it.

You are correct that the first generation of E-Series hardware (EtherScale)
had little control plane protection.

The current E-Series hardware (TeraScale) has a completely different
architecture that rate limits, queues and filters all packets destined to
the control plane.

Greg*

(* I am currently employed by Force10.)

-- 
Greg Hankins <ghankins () mindspring com>
Previous By Date Next
Previous By Thread Next

Current thread: