nanog mailing list archives

Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?]


From: joel jaeggli <joelja () bogus com>
Date: Wed, 05 Feb 2014 13:43:13 -0800

On 2/5/14, 1:24 PM, Jay Ashworth wrote:
----- Original Message -----
From: "Octavio Alvarez" <alvarezp () alvarezp ods org>

Maybe I'm oversimplifying things but I'm really curious to know why
can't the nearest-to-end-user ACL-enabled router simply have an ACL to
only allow packets from end-users that have a valid source-address
from the network segment they provide service to.

The common answer, Octavio, at least *used to* be "our line cards aren't 
smart enough to implement strict-unicast-RPF, and our boxes don't have 
enough horsepower to handle every packet through the CPU".

As I've noted, I'm not sure I believe that's true of current generation
gear, and if it *is*, then it should cost manufacturers business.

There are boxes that haven't aged out of the network yet where that's an
issue; some are more datacenter-centric than others. Force10 E1200 was
one platform that had this limitation, for example.

Cheers,
-- jra
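
The two filters discussed in this thread, a per-segment source-address ACL and strict unicast RPF, sketched side by side as an added example that is not part of the original messages. The interface names, the FIB, the prefixes (documentation address space) and the sample packets are all constructed for illustration.

```python
import ipaddress

# Constructed FIB: prefix -> egress interface (documentation address space).
FIB = {
    "198.51.100.0/24": "cust0",   # customer segment A
    "203.0.113.0/25": "cust1",    # customer segment B
    "0.0.0.0/0": "uplink0",       # default route toward transit
}
ROUTES = [(ipaddress.ip_network(p), ifc) for p, ifc in FIB.items()]

# Per-interface ingress ACL: the prefixes actually served on each edge port.
EDGE_ACL = {
    "cust0": [ipaddress.ip_network("198.51.100.0/24")],
    "cust1": [ipaddress.ip_network("203.0.113.0/25")],
}

def best_route(addr):
    """Longest-prefix match; returns the egress interface or None."""
    ip = ipaddress.ip_address(addr)
    matches = [(net.prefixlen, ifc) for net, ifc in ROUTES if ip in net]
    return max(matches)[1] if matches else None

def acl_permits(src, in_ifc):
    """Static BCP38 filter: source must belong to the segment on this port."""
    ip = ipaddress.ip_address(src)
    return any(ip in net for net in EDGE_ACL.get(in_ifc, []))

def strict_urpf_permits(src, in_ifc):
    """Strict uRPF: the best route back to the source must leave via in_ifc."""
    return best_route(src) == in_ifc

def filter_packets(packets):
    """Return (src, in_ifc, acl_verdict, urpf_verdict) for each packet."""
    return [(s, i, acl_permits(s, i), strict_urpf_permits(s, i)) for s, i in packets]

# Constructed sample traffic arriving on customer-facing ports.
SAMPLE = [
    ("198.51.100.7", "cust0"),   # legitimate source for cust0
    ("203.0.113.9", "cust0"),    # another customer's address on the wrong port
    ("192.0.2.50", "cust1"),     # not in any served prefix
    ("203.0.113.200", "cust1"),  # outside the /25 served on cust1
]

if __name__ == "__main__":
    for row in filter_packets(SAMPLE):
        print(row)
```

On this single-homed edge the two checks agree on every packet; the difference is that the ACL is maintained by hand per port, while strict uRPF derives the same decision from the forwarding table.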


