dean at av8.com
Wed Dec 2 00:07:57 UTC 1998
You don't need a tool. People already have provisioning/configuration tools
or are doing it by hand. Whichever is the case, just add a rule to your
customers interface. You know when you configure the interface what the
mask is and what the broadcast is. All you need to do is add an access
list entry which applies to that customers interface.
The only real problem with this approach is customers which have large
blocks. If you have a /16, you are almost certainly not using x.y.255.255
as a broadcast. It is hard to know or predict what their subnet strategy
might be, but for such customers, you probably don't really need to worry,
and can expect a higher clue level from them. They can put their own
filters in place.
At 03:41 PM 12/1/1998 -0500, Jon Zeeff wrote:
>Who is willing to write a tool to do broadcast address discovery and
>access-list generation? Ideally with a config file that would allow
>one to avoid serious self smurfing (ie, ranges to check and patterns
>to assume are broadcasts without trying them).
>> Filtering broadcast addresses is pretty ugly. Consider that a single Class
>> C broken down into /30's can have 64 broadcast addresses. Maybe if it was
>> just filtering your own assigned subnets, it would be possible, but this
>> also applies to customer-subnetted broadcast addresses, so you'd have to
>> coordinate your filter with every one of your customers, every time they
>> change subnets. Not impossible, but pretty close.
Plain Aviation, Inc dean at av8.com
More information about the NANOG