OpenNTPProject.org

• Previous message (by thread): OpenNTPProject.org
• Next message (by thread): OpenNTPProject.org
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Jan 15, 2014, at 12:05 AM, Saku Ytti <saku at ytti.fi> wrote:

> (We do BCP38 on all ports and verify programmatically, but I know it's not at all practical solution globally for access).

Anti-spoofing is eminently practical for most types of access network topologies using even slightly modern equipment; uRPF, ACLs, cable IP source verify, DHCP Snooping (which works just fine with fixed-address hosts), PACLs/VACLs, et. al. are some of the more prevalent mechanisms available.

In point of fact, anti-spoofing is most useful and most practical at the access-network edge, or as close to it as possible.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton

• Previous message (by thread): OpenNTPProject.org
• Next message (by thread): OpenNTPProject.org
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]