What were we saying about edge filtering?
Jack Bates
jbates at brightok.net
Sat Sep 6 18:18:22 UTC 2003
Christopher L. Morrow wrote:
>
> keep in mind its not destination addresses that are the problem here, BUT
True, but there is RPF checks based on routing. anything routed to NULL0
is generally treated by such filters as an invalid route and will
discard the packet of any source address from such a route.
Setting up BGP peers internally and applying route policies to null
route the routes received from the bogon peers would allow for easily
invalidating the routes and dropping packets which supposably originate
from them.
I know this is easily done with vendor C. I suspect that the other
vendors have implemented something very similar (heard J was easier than C).
-Jack
More information about the NANOG
mailing list