nanog mailing list archives
Re: uPRF strict more
From: Mark Tinka <mark@tinka.africa>
Date: Wed, 29 Sep 2021 14:01:33 +0200
On 9/29/21 11:12, Nick Hilliard wrote:
urpf has its place if your network config build processes aren't automated to the point that it's no longer necessary. It would be a net security loss to the internet not to have it widely implemented on access devices.
As little as 12 months ago, many vendors either had no or a delayed roadmap to support uRPF due to lack of support on usually Broadcom chips, or just a lack of interest in developing code if the Broadcom chip they had supported it.
This was typically the case for new vendors entering the game, or existing ones who were starting to build a merchant chip product line.
I had this issue with Nokia's new IXR line last year. I think they may have implemented it on some of their boxes, but not sure yet.
Mark.
Current thread:
- uPRF strict more Randy Bush (Sep 28)
- Re: uPRF strict more Amir Herzberg (Sep 28)
- Re: uPRF strict more Saku Ytti (Sep 28)
- Re: uPRF strict more Nick Hilliard (Sep 29)
- Re: uPRF strict more Mark Tinka (Sep 29)
- RE: uPRF strict more Brian Turnbow via NANOG (Sep 29)
- Re: uPRF strict more Barry Greene (Sep 29)
- Re: uPRF strict more Saku Ytti (Sep 28)
- Re: uPRF strict more Mark Tinka (Sep 29)
- Re: uPRF strict more Amir Herzberg (Sep 28)
- Re: uPRF strict more Blake Hudson (Sep 29)
- Re: uPRF strict more Mark Tinka (Sep 29)
- Re: uPRF strict more Blake Hudson (Sep 29)
- Re: uPRF strict more Sabri Berisha (Sep 29)
- Re: uPRF strict more Blake Hudson (Sep 30)
- Re: uPRF strict more Phil Bedard (Sep 29)