nanog mailing list archives
Re: Confirming source-routed multicast is dead on the public Internet
From: John Kristoff <jtk () depaul edu>
Date: Wed, 1 Aug 2018 10:58:09 -0500
On Wed, 1 Aug 2018 15:45:44 +0000 Adam Davenport <adam () davenpro com> wrote:
I can confirm that GTT does indeed filter IP sourced from 224.0.0.0/4 at its edge.
Do you mean sent to 224/4 or literally anything with a source address of 224/4?

For those that are or are considering filtering, you might also want to consider limiting IGMP at router interfaces. The only known use of IGMP past the local link I'm aware of was for the mtrace tool, but allowing it can pose some danger in two forms. One is yet another DDoS reflection and amplification vector, another is some router system and configuration disclosure. See the following for details:

<https://ccronline.sigcomm.org/wp-content/uploads/2017/01/p27-sargent.pdf>

In experiments I ran in early parts of that work I found that Cogent did not forward IGMP messages through its network in my tests, but this may be due to the routing hardware/software they were using at the time rather than an explicit filtering policy.

John
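The distinction raised in this message (packets sourced from 224/4 versus packets sent to 224/4) and the suggested IGMP limit, as an added example that is not part of the original post. It assumes an edge interface where no IGMP is expected; the function names, verdict strings and sample addresses are constructed for illustration.

```python
import ipaddress
import struct

MCAST = ipaddress.ip_network("224.0.0.0/4")
IPPROTO_IGMP = 2  # IANA-assigned IP protocol number for IGMP


def classify(packet: bytes) -> str:
    """Return a verdict for one raw IPv4 packet seen on an edge interface."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "drop: malformed IPv4 header"
    ihl = (packet[0] & 0x0F) * 4  # header length in bytes
    if ihl < 20 or len(packet) < ihl:
        return "drop: malformed IPv4 header"
    proto = packet[9]
    src = ipaddress.ip_address(packet[12:16])
    dst = ipaddress.ip_address(packet[16:20])
    # A multicast address is never a valid source address.
    if src in MCAST:
        return "drop: source in 224.0.0.0/4"
    # Assumption: this interface has no legitimate off-link IGMP use.
    if proto == IPPROTO_IGMP:
        return "drop: IGMP at edge"
    # Traffic *to* 224/4 is a separate question from the two filters above.
    if dst in MCAST:
        return "policy: multicast destination"
    return "pass"


def build_header(src: str, dst: str, proto: int) -> bytes:
    """Construct a minimal 20-byte IPv4 header (checksum left at zero)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 1, proto, 0,
                       ipaddress.ip_address(src).packed,
                       ipaddress.ip_address(dst).packed)


# Constructed sample headers; unicast addresses are documentation ranges.
SAMPLES = [
    build_header("224.1.2.3", "192.0.2.1", 17),      # multicast source
    build_header("198.51.100.7", "224.0.0.1", 2),    # IGMP from off-link
    build_header("198.51.100.7", "233.252.0.1", 17), # UDP to a group
    build_header("198.51.100.7", "192.0.2.1", 6),    # ordinary unicast TCP
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(classify(pkt))
```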