Land and Cisco question
Randy Bush
randy at psg.com
Sun Nov 23 15:37:00 UTC 1997
>>> for each interface on a router
>>> block tcp which is both to and from that interface
>> I don't think that's sufficient. What about spoofed packets arriving via
>> interface A, with IP source and destination both set to the address of
>> interface B?
> no ip source-route should fix it.
<insert replay of we don't peer with LSR inhibitors discussion> Though temp
inhibit until YFRV deploys fixed code is understandable.
randy
More information about the NANOG
mailing list