Where is the edge of the Internet? Re: no ip forged-source-address

alok alok.dube at apara.com
Tue Nov 5 06:45:40 UTC 2002


> I'm opposed to some of the suggestions where to put source address
> filters, especially placing them in "non-edge" locations.  E.g. requiring
> address filters at US border crossings is a *bad* idea, worthy of an
> official visit from the bad idea fairy.

What is bad about filtering facing non-customers, if loose rpf is
used? I'm assuming this is what you mean by "border crossings" rather than
the literal.

--------->makes sense on the edge/aggregation but if you do it further up in
the network.....there maybe some cases where we have assymetric routing,
where the path of uplink is never the path the same as the downlink, and
infact the source network of the packet may never be present in the routing
table....(it is possible, after all its a packet switched network and the
routing is destination IP based) ...








More information about the NANOG mailing list