Filtering Source Addresses on gw-internet
Tony Li
tli at juniper.net
Fri Aug 15 08:59:43 UTC 1997
jlewis at inorganic5.fdt.net (Jon Lewis) writes:
> I vaguely remember hearing somewhere that routing to a loopback interface
> was better than null0 for feeding unwanted packets into a black hole. Is
> that case perhaps not process switched?
Nope, sorry. Also process switched.
The hack to drop things fast is to find a lightly loaded LAN interface and
then forward it all to a non-existant system on that LAN. Of course,
you'll have to manually configure an ARP entry for the bogon.
Tony
More information about the NANOG
mailing list