nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Managing ACL exceptions (was Re: Filter NTP traffic by packet size?)

From: Jay Ashworth <jra () baylink com>
Date: Fri, 28 Feb 2014 11:09:09 -0500 (EST)
----- Original Message -----

From: "Ray Soucy" <rps () maine edu>



When I was looking at the website before I didn't really see any
mention of uRPF, just the use of ACLs, maybe I missed it, but it's not
encouraging if I can't spot it quickly. I just tried a search and the
only thing that popped up was a how-to for a Cisco 7600 VXR.


Well, I do mention it, right there on the home page:

"""
BCP38 filtering to block these packets is most easily handled right at the very edge of the Internet: where customer 
links terminate in the first piece of provider 'aggregation' gear, like a router, DSLAM, or CMTS. Much to most of this 
gear already has a 'knob' which can be turned on, which simply drops these packets on the floor as they come in from 
the customer's PC. 
"""

I simply didn't *name* the knob, cause the detail seemed out-of-scope for 
that context.  Where it would get named would be on the "information for 
Audience" pages relevant to access providers, which I have not written 
because -- not being a provider -- I have insufficient background to be
accurate.

We welcome contributions from people in those positions... you, perhaps?

Be bold!  :-)

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra () baylink com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates       http://www.bcp38.info          2000 Land Rover DII
St Petersburg FL USA      BCP38: Ask For It By Name!           +1 727 647 1274
Previous By Date Next
Previous By Thread Next

Current thread: