BCP38 dismissal

Jo Rhett jrhett at netconsonance.com
Thu Sep 4 12:18:28 CDT 2008


On Sep 4, 2008, at 10:14 AM, Paul Wall wrote:
> On Thu, Sep 4, 2008 at 12:45 PM, Jo Rhett <jrhett at netconsonance.com>  
> wrote:
>> I'm sorry, but nonsense statements such as these burn the blood.   
>> Sure, yes,
>> protecting yourself is so much more important than protecting  
>> anyone else.
>>
>> Anyone else want to stand up and join the "I am an asshole" club?
>
> uRPF is important.  But all the uRPF in the world won't protect you
> against a little tcp/{22,23,179} SYN aimed at your Force 10 box.
>
> Ya know what I mean?


No.  Because our F10s aren't suspectible to that, period.  I think  
this whole "control panel policing" is flat out wrong, but honestly to  
argue that point I'd have to do some research into what Cisco is doing  
these days (never had most of the good anti-dos and flood-control  
stuff F10 has last time I looked) and frankly, it's not within my  
scope of work so I left that alone.

The focus of my comment was on the "BCP38 isn't important", because  
*THAT* is something that causes grief for me (and everyone) in the day  
job.

-- 
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source  
and other randomness






More information about the NANOG mailing list